You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by "Ruslan Dautkhanov (JIRA)" <ji...@apache.org> on 2017/02/07 02:02:41 UTC
[jira] [Created] (ZEPPELIN-2068) Change credentials.json and
interpreter.json access permission to 0600
Ruslan Dautkhanov created ZEPPELIN-2068:
-------------------------------------------
Summary: Change credentials.json and interpreter.json access permission to 0600
Key: ZEPPELIN-2068
URL: https://issues.apache.org/jira/browse/ZEPPELIN-2068
Project: Zeppelin
Issue Type: Improvement
Affects Versions: 0.7.0
Reporter: Ruslan Dautkhanov
Priority: Critical
credentials.json and interpreter.json are created with default group-readable and world-readable permissions.
Both files can store passwords.
interpreter.json can store passwords, for example, if we have a custom repository - it'll be stored there clear text.
credentials.json obviously store passwords too
Please change default file permissions for credentials.json and interpreter.json to 0600.
Other users should not see clear text passwords.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)