GitHub user srdo commented on a diff in the pull request:
https://github.com/apache/storm/pull/2562#discussion_r169144441
--- Diff: docs/SECURITY.md ---
@@ -17,6 +17,9 @@ Authentication and Authorization. But to do so usually
requires
configuring your Operating System to restrict the operations that can be
done.
This is generally a good idea even if you plan on running your cluster
with Auth.
+Meaning to say, Storm's OS level security is based on running Storm
processes with proper OS account,
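Review bot: In the added line beginning "Meaning to say", the phrase "proper OS account" is left undefined, so a reader cannot tell which account or which permissions are meant. Consider stating the property directly, for example a dedicated account limited to the permissions the Storm processes need, and dropping the conversational opener "Meaning to say". The sentence also ends on a comma in the lines visible here, so check that its continuation completes the thought.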
--- End diff --
I think this is a little hard to understand. What do you think about
"Storm's OS level security relies on running Storm processes using OS accounts
that have only the permissions they need. Note that workers run under the same
OS account as the Supervisor daemon by default"?
---