Hey Harold,

> I am interested in a security aspect of zookeeper, where the clients and the 
> servers don't necessarily belong to the same "group". If a client creates a 
> znode in the zookeeper? Can the person, who owns the zookeeper server, simply 
> look at its filesystem and read the data (out-of-band, not using a client, 
> simply browsing the file system of the machine hosting the zookeeper server)?

Yes, absolutely.  You could certainly encrypt the data that goes
through the ZooKeeper server, but since ZooKeeper is supposed to be
doing coordination work, I think that if you don't trust the server,
the whole situation might get a bit awkward.  I'm curious about your
use case, since I'm pondering about doing something where clients
don't necessarily trust other clients or machines in the same network
(or even different users in the same machine), thus might require
additional tighting up, but if you don't trust the server itself, that
may be tricky.  Please note that ZooKeeper isn't meant to be used just
as a distributed filesystem for storage, but that's probably not your
intention anyway.

Gustavo Niemeyer

Reply via email to