Hey Harold, > I am interested in a security aspect of zookeeper, where the clients and the > servers don't necessarily belong to the same "group". If a client creates a > znode in the zookeeper? Can the person, who owns the zookeeper server, simply > look at its filesystem and read the data (out-of-band, not using a client, > simply browsing the file system of the machine hosting the zookeeper server)?
Yes, absolutely. You could certainly encrypt the data that goes through the ZooKeeper server, but since ZooKeeper is supposed to be doing coordination work, I think that if you don't trust the server, the whole situation might get a bit awkward. I'm curious about your use case, since I'm pondering about doing something where clients don't necessarily trust other clients or machines in the same network (or even different users in the same machine), thus might require additional tighting up, but if you don't trust the server itself, that may be tricky. Please note that ZooKeeper isn't meant to be used just as a distributed filesystem for storage, but that's probably not your intention anyway. -- Gustavo Niemeyer http://niemeyer.net
