[
https://issues.apache.org/jira/browse/FLINK-5818?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15873962#comment-15873962
]
ASF GitHub Bot commented on FLINK-5818:
---------------------------------------
Github user greghogan commented on the issue:
https://github.com/apache/flink/pull/3335
@WangTaoTheTonic, ACLs combine with the standard file permissions
(`user-group-other`). Only one ACL is necessary to implement this PR. A second
ACL would allow, for example, a `flink_admin` group to access all checkpoint
directories.
> change checkpoint dir permission to 700 for security reason
> -----------------------------------------------------------
>
> Key: FLINK-5818
> URL: https://issues.apache.org/jira/browse/FLINK-5818
> Project: Flink
> Issue Type: Sub-task
> Components: Security, State Backends, Checkpointing
> Reporter: Tao Wang
>
> Now checkpoint directory is made w/o specified permission, so it is easy for
> another user to delete or read files under it, which will cause restore
> failure or information leak.
> It's better to lower it down to 700.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
