joefk edited a comment on issue #6428: [Issue 5720][authorization provider] (WIP) Add more granularity URL: https://github.com/apache/pulsar/pull/6428#issuecomment-591780566 I see that there is an unload permission being granted to namespace owners? What is the rationale? A few many unloads, and you ZK and cluster is dead. There is a reason these operations are restricted. So unless you are willing to introduce and implement adequate defense measures into Pulsar, these are all opening DOS and vulnerabilities into the system.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services