You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@storm.apache.org by "Jungtaek Lim (JIRA)" <ji...@apache.org> on 2018/02/19 11:26:02 UTC

[jira] [Created] (STORM-2960) Better to stress importance of setting up proper OS account for Storm processes

Jungtaek Lim created STORM-2960:
-----------------------------------

             Summary: Better to stress importance of setting up proper OS account for Storm processes
                 Key: STORM-2960
                 URL: https://issues.apache.org/jira/browse/STORM-2960
             Project: Apache Storm
          Issue Type: Documentation
          Components: documentation
            Reporter: Jungtaek Lim
            Assignee: Jungtaek Lim


We have SECURITY.md and also "Firewall/OS level Security" section, but the document doesn't explicitly mention the fact that Storm processes should use OS account(s) which should be properly restricted. We may also want to note that workers which could execute arbitrary code will be running with Supervisor OS account by default.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)