Hi Henry, Does that mean for example, if I own the Zookeeper server and physical machine and have lots of clients using this Zookeeper server, I can simply look at the logfiles and snapshot files and see all of the information created by those clients?
Thanks, Harold --- On Thu, 6/25/09, Henry Robinson <he...@cloudera.com> wrote: > From: Henry Robinson <he...@cloudera.com> > Subject: Re: General Question about Zookeeper > To: email@example.com > Date: Thursday, June 25, 2009, 2:01 PM > Hi Harold, > > Each ZooKeeper server stores updates to znodes in logfiles, > and periodic > snapshots of the state of the datatree in snapshot files. > > A user who has the same permissions as the server will be > able to read these > files, and can therefore recover the state of the datatree > without the ZK > server intervening. ACLs are applied only by the server; > there is no > filesystem-level representation of them. > > Henry > > > > On Thu, Jun 25, 2009 at 6:48 PM, Harold Lim <rold...@yahoo.com> > wrote: > > > > > Hi All, > > > > How does zookeeper store data/files? > > From reading the doc, the clients can put ACL on > files/znodes to limit > > read/write/create of other clients. However, I was > wondering how are these > > znodes stored on Zookeeper servers? > > > > I am interested in a security aspect of zookeeper, > where the clients and > > the servers don't necessarily belong to the same > "group". If a client > > creates a znode in the zookeeper? Can the person, who > owns the zookeeper > > server, simply look at its filesystem and read the > data (out-of-band, not > > using a client, simply browsing the file system of the > machine hosting the > > zookeeper server)? > > > > > > Thanks, > > Harold > > > > > > > > >