If i remember correctly it was because we wanted to allow non-secure client still get into child consumers node and create their zookeeper nodes to keep track of offset. If we add the acl at the parent path they won't be able to write to the child nodes.
Thanks, Harsha On Fri, Jul 1, 2016, at 06:00 AM, Stevo Slavić wrote: > Hello Apache Kafka community, > > Is there a reason why acls are not passed through in > https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/utils/ZkUtils.scala#L404 > call ? > > If one overrides and uses custom acls for a node, parent if missing might > get created with default ACL. > > Kind regards, > Stevo Slavic.