[
https://issues.apache.org/jira/browse/FLINK-5818?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15889285#comment-15889285
]
ASF GitHub Bot commented on FLINK-5818:
---------------------------------------
Github user EronWright commented on the issue:
https://github.com/apache/flink/pull/3335
When working on FLINK-3932, I came to the conclusion that the state backend
data should probably be written into the Hadoop user's home directory, since
most Hadoop setups protect the home directory. Would that solve the problem
here?
> change checkpoint dir permission to 700 for security reason
> -----------------------------------------------------------
>
> Key: FLINK-5818
> URL: https://issues.apache.org/jira/browse/FLINK-5818
> Project: Flink
> Issue Type: Sub-task
> Components: Security, State Backends, Checkpointing
> Reporter: Tao Wang
> Assignee: Tao Wang
>
> Now checkpoint directory is made w/o specified permission, so it is easy for
> another user to delete or read files under it, which will cause restore
> failure or information leak.
> It's better to lower it down to 700.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
