Szabolcs Gál created HDDS-12076:
-----------------------------------
Summary: Limit permissions on external private keys
Key: HDDS-12076
URL: https://issues.apache.org/jira/browse/HDDS-12076
Project: Apache Ozone
Issue Type: Improvement
Reporter: Szabolcs Gál
In [HDDS-11070|https://issues.apache.org/jira/browse/HDDS-11070] the external
private key permissions were not limited to just one user.
There are various considerations when Ozone wants to set an external file's
permissions, it shouldn't just change it as other applications might rely on
accessing it. A good way to handle this would be to expect the file's
permissions to be set correctly already (that is only the user running Ozone
can access the private key) and throw an exception if it's not the case. This
should be hidden behind a configuration option though to be able to turn it off
if users trying to use external keys don't want to configure the permissions.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
