You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by "Jeff Zhang (JIRA)" <ji...@apache.org> on 2017/10/13 01:54:00 UTC
[jira] [Created] (ZEPPELIN-2987) Potential security issue of
passing zeppelin server env to interpreter process
Jeff Zhang created ZEPPELIN-2987:
------------------------------------
Summary: Potential security issue of passing zeppelin server env to interpreter process
Key: ZEPPELIN-2987
URL: https://issues.apache.org/jira/browse/ZEPPELIN-2987
Project: Zeppelin
Issue Type: Bug
Reporter: Jeff Zhang
For now, all the enviroment variable is passed to interpreter process. This could cause some potential security issue. e.g. user can get the S3 credential in interpreter process as it is passed from zeppelin server via env
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)