Ruslan Dautkhanov created ZEPPELIN-2703:
-------------------------------------------
Summary: Drop down user's interpreter uid to authenticated user's
uid
Key: ZEPPELIN-2703
URL: https://issues.apache.org/jira/browse/ZEPPELIN-2703
Project: Zeppelin
Issue Type: Improvement
Affects Versions: 0.7.2, 0.7.0, 0.8.0
Reporter: Ruslan Dautkhanov
Priority: Critical
Would be great if Zeppelin would launch user's Zeppelin interpreter processes
under their own uid through setuid() call.
So then keytabs could be locked down to be accessible to that one user.
For example, after I LDAP-authenticated as "tagar" user, Zeppelin will drop
down uid to tagar user and its keytab will have unix access bits set to 0600.
As suggested on
[PR-2407|https://github.com/apache/zeppelin/pull/2407#issuecomment-311485194]
for ZEPPELIN-1907.
Another advantage is that for example, user's shell interpreter would find ~ to
be correct user's home directory, not a shared service accounts' home directory.
Notice, that setuid() doesn't require Zeppelin to run as root user. It's only
required to set CAP_SETUID Linux capability on the executable so Zeppelin
server can change user's interpreter processes from Zeppelin's service
account's uid to that specific user's uid.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
