Github user HeartSaVioR commented on a diff in the pull request: https://github.com/apache/storm/pull/2562#discussion_r169179563 --- Diff: docs/SECURITY.md --- @@ -17,6 +17,9 @@ Authentication and Authorization. But to do so usually requires configuring your Operating System to restrict the operations that can be done. This is generally a good idea even if you plan on running your cluster with Auth. +Meaning to say, Storm's OS level security is based on running Storm processes with proper OS account, --- End diff -- I think that's clearer. Thanks for suggestion.