Mickael Maison created KAFKA-14822:
--------------------------------------
Summary: Allow restricting File and Directory ConfigProviders to
specific paths
Key: KAFKA-14822
URL: https://issues.apache.org/jira/browse/KAFKA-14822
Project: Kafka
Issue Type: Improvement
Reporter: Mickael Maison
Assignee: Mickael Maison
In sensitive environments, it would be interesting to be able to restrict the
files that can be accessed by the built-in configuration providers.
For example:
config.providers=directory
config.providers.directory.class=org.apache.kafka.connect.configs.DirectoryConfigProvider
config.providers.directory.path=/var/run
Then if a caller tries to access another path, for example
ssl.keystore.password=${directory:/etc/passwd:keystore-password}
it would be rejected.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
