GitHub user AhyoungRyu opened a pull request:

    https://github.com/apache/zeppelin/pull/1987

    [ZEPPELIN-2086] Change interpreter.json & credentials.json permission to 600

    ### What is this PR for?
    As @Tagar reported in [ZEPPELIN-2086](https://issues.apache.org/jira/browse/ZEPPELIN-2086), `conf/interpreter.json` & `conf/credentials.json` can store passwords. For the sake of security, we should set the permission of those files to `600`, not the default `644`.
    
    ### What type of PR is it?
    Improvement
    
    ### What is the Jira issue?
    [ZEPPELIN-2086](https://issues.apache.org/jira/browse/ZEPPELIN-2086)
    
    ### TODO
    
    - [ ] Add test case
    
    ### How should this be tested?
    1. rm both `conf/interpreter.json` & `conf/credentials.json`
    2. apply this patch -> build 
    ```
    $ mvn clean package -DskipTests -pl 'zeppelin-interpreter, zeppelin-server, zeppelin-zengine'
    ```
    
    3. restart Zeppelin server 
    4. check the permission of `conf/interpreter.json`. It should be 
    ```
    -rw-------   interpreter.json
    ```
    
    5. To check the `credentials.json`, open `http://localhost:8080/#/credential` and create a new credential set. Then a new `credentials.json` will be created under `conf/`.
    ```
    -rw-------   credentials.json
    ```
    
    ### Screenshots (if appropriate)
    
    
    ### Questions:
    * Do the license files need an update? no
    * Are there breaking changes for older versions? no
    * Does this need documentation? no


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/AhyoungRyu/zeppelin ZEPPELIN-2086

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/zeppelin/pull/1987.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1987
    
----
commit 044d7d4783509921cade2ce4ceeccc1cb1cc02cd
Author: AhyoungRyu <fbdkdu...@hanmail.net>
Date:   2017-02-08T04:36:21Z

    Change interpreter.json & credentials.json permission to 600

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
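
A scripted version of the permission check in steps 4 and 5 of the test plan above, as an added example that is not part of the pull request or the Zeppelin code base. The function names `file_mode` and `check_secret_perms` are hypothetical; a file is flagged when group or other has any access bit set, which is the case for the old default `644`.

```shell
#!/bin/sh
# Added example: audit the two config files named in ZEPPELIN-2086.
# Function names are hypothetical and not part of Zeppelin.

# Print the octal mode of a file, using GNU stat (-c) or BSD/macOS stat (-f).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Check interpreter.json and credentials.json under the given conf directory.
# Returns 0 when every file that exists grants nothing to group/other,
# and 1 when at least one of them is readable beyond its owner.
check_secret_perms() {
    conf_dir=$1
    rc=0
    for name in interpreter.json credentials.json; do
        f="$conf_dir/$name"
        if [ ! -e "$f" ]; then
            # credentials.json only appears after the first credential is saved
            echo "SKIP $name (not created yet)"
            continue
        fi
        mode=$(file_mode "$f")
        case "$mode" in
            *00) echo "OK   $name mode $mode" ;;
            *)   echo "FAIL $name mode $mode (expected 600)"; rc=1 ;;
        esac
    done
    return $rc
}

# Usage: sh check_perms.sh /path/to/zeppelin/conf
if [ "$#" -gt 0 ]; then
    check_secret_perms "$1"
fi
```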
