On 3/14/13 5:21 PM, Mark Miller wrote:
On Mar 14, 2013, at 3:16 AM, Per Steffensen <[email protected]> wrote:
Even though you do not share zookeeper you might want to set up permissions
anyway, but never mind.
That's just the only reason I care about. Otherwise, I'm of a similar mind with
ZooKeeper security as I am with Solr - lock it up behind closed doors and only
allow trusted access. Makes things simpler for us.
The problem is that it's really nice to only have to run one ZooKeeper for many
services. And in that case, it's really nice to ensure they won't interfere
with each other due to bugs or misconfiguration.
So for that reason, I'd support this change. The other reasons really don't
sway me at all.
Thats cool. I understand your points. Its just that my customer is very
very paranoid - like in CIA'ish paranoid. We do not even trust people
with access to the actual machines running Solr or ZK (at least not all
of them, depending on how many starts are on their shoulders), and we
need to run CloudSolrServers in an environment where we trust people
even less. I know this is probably not a feature that will be used by
many people, but what the heck, if its transparent and default is no
protection, no harm done supporting it. And it will not be a lot of code.
Regards, Steff
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
