Ruslan Dautkhanov created ZEPPELIN-2703: -------------------------------------------
Summary: Drop down user's interpreter uid to authenticated user's uid Key: ZEPPELIN-2703 URL: https://issues.apache.org/jira/browse/ZEPPELIN-2703 Project: Zeppelin Issue Type: Improvement Affects Versions: 0.7.2, 0.7.0, 0.8.0 Reporter: Ruslan Dautkhanov Priority: Critical Would be great if Zeppelin would launch user's Zeppelin interpreter processes under their own uid through setuid() call. So then keytabs could be locked down to be accessible to that one user. For example, after I LDAP-authenticated as "tagar" user, Zeppelin will drop down uid to tagar user and its keytab will have unix access bits set to 0600. As suggested on [PR-2407|https://github.com/apache/zeppelin/pull/2407#issuecomment-311485194] for ZEPPELIN-1907. Another advantage is that for example, user's shell interpreter would find ~ to be correct user's home directory, not a shared service accounts' home directory. Notice, that setuid() doesn't require Zeppelin to run as root user. It's only required to set CAP_SETUID Linux capability on the executable so Zeppelin server can change user's interpreter processes from Zeppelin's service account's uid to that specific user's uid. -- This message was sent by Atlassian JIRA (v6.4.14#64029)