Hello,
As shared before[0], the ASF security team is concerned about the ability
of the Zeppelin project to respond to security issues.
In the vast majority of Zeppelin deployments, either the network or Shiro
needs to be configured to make sure only trusted users have access. Those
users must be
Hello ASF Security Team,
Thank you for initiating this discussion and for your proposals regarding
Apache Zeppelin's security posture.
Based on my experience operating Zeppelin in production environments, I
agree with the premise that users accessing the same instance must be
trusted. Given the d
