You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zeppelin.apache.org by "Jeff Zhang (JIRA)" <ji...@apache.org> on 2017/10/13 01:54:00 UTC

[jira] [Created] (ZEPPELIN-2987) Potential security issue of passing zeppelin server env to interpreter process

Jeff Zhang created ZEPPELIN-2987:
------------------------------------

             Summary: Potential security issue of passing zeppelin server env to interpreter process
                 Key: ZEPPELIN-2987
                 URL: https://issues.apache.org/jira/browse/ZEPPELIN-2987
             Project: Zeppelin
          Issue Type: Bug
            Reporter: Jeff Zhang


For now, all the enviroment variable is passed to interpreter process. This could cause some potential security issue. e.g. user can get the S3 credential in interpreter process as it is passed from zeppelin server via env



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)