Hi David, 
 Good question. You can set acls on the root. There is a minor bug related
to it (though its easy to get around it).

The jira is
http://issues.apache.org/jira/browse/ZOOKEEPER-433

The bug is that ZooKeeper does not allow you to do a get acl on the root if
it has not been set. You will still be able to set acl on the root and then
do a getacl with the right auth but just that a get acl on a raw root node
without any acl's being set by admin/user fails.

Hope that helps
mahadev 


On 6/17/09 12:56 AM, "David Graf" <david.g...@28msec.com> wrote:

> Hello
> 
> Thanks a lot for the answers!
> 
> Due to the fact that I am running my ZooKeeper servers and clients on
> Amazon EC2 instances, using the ec2 Security Groups might be the best
> choice.
> 
> Nevertheless, I have a question concerning the authentification on the
> znode level. How is it possible to prevent clients creating node on
> the root level? Is it also possible to set an ACL on the root
> (although the root is not created by a client)?
> 
> David

Reply via email to