kerneltime commented on PR #4620: URL: https://github.com/apache/ozone/pull/4620#issuecomment-1524062439
> > Writes to /tmp/ozone.token and the permissions allow another user to read it. > > This makes sense to me. The permissions should be set for the user. > > > A second user cannot run the command as the /tmp folder does not allow another user to delete the file. > > Isn't this an incompatible change? Changing CLI behaviour, the commands which used to work before won't work post upgrade having this patch. > > Anyway -t can be used to specify a location, the default is "/tmp/ozone.token", if two individuals run it with same path with -t they would have land up in the same situation even now, right? The problem is that the default is common under /tmp > > May be the default value itself should have been initially like `/tmp/<user>-ozone.token` Putting token in `/tmp` is not the right thing. The knowledge of token generation is not right. A user can put the token in a common folder but the CLI should not default to it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
