potiuk commented on issue #33276: URL: https://github.com/apache/airflow/issues/33276#issuecomment-1672979060
This is misunderstanding of Airlfow's security model. DAG author - by uploading a DAG has capabilities to do everything in the worker. It is part of our security model and it is not something we are going to change, not somethign that is possible to change in the way how bash, Python and unix works. If you have a way to read config to perform the task, and have a way to write a code that can perform any code, you cannot prevent that somene from doing anything - in cluding getting your configuration wrapping it into a zip file and sending it to the whole world. What you are asking for is logically impossible to do. This is nicely described in our model. You should read Airflow's Security model and understand what capabilities different actors in Airlfow "realm" have - we updated and clarified it recently and when we release 2.7.0 it will be further updated and clarified: https://airflow.apache.org/docs/apache-airflow/stable/security/index.html#airflow-security-model-user-types It's up to Deployment Manger to set-up the right rules and tooling at teh "DAG" submission gates (for example code review, automated checks etc.) if Deployment's Manager's intention is to prevent certain actions (it's also described in our model) Also there is an upcoming work under the umbrella of AIP-1 https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=89066609 and "mutli-tenancy" work - which will add a few more things to the model: mainly eventually you will be able to limit access to some tenant-specific configuration (Variables and Configuration) to only be available for DAGs of that tenant, but it does not change the model substantially, it just allows to isolate presence of certain sensitive information to only a group of DAG authors (but DAG authors in that group will continue to be able to do anything). You need to adapt your security expectations and your own processes to the model, simply. There are no intentions (or even this is actually impossible without changing how Python interpreter works and changing some super -basic principles on how airflow works) to change it, so my recommendation is not to try to wast your time on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
