Posted to jira@kafka.apache.org by GitBox <gi...@apache.org> on 2020/11/13 16:18:36 UTC

[GitHub] [kafka] lct45 commented on a change in pull request #9583: [KAFKA-10705]: Make state stores not readable by others

lct45 commented on a change in pull request #9583:
URL: https://github.com/apache/kafka/pull/9583#discussion_r523055221



##########
File path: streams/src/main/java/org/apache/kafka/streams/processor/internals/StateDirectory.java
##########
@@ -102,6 +107,15 @@ public StateDirectory(final StreamsConfig config, final Time time, final boolean
             log.warn("Using /tmp directory in the state.dir property can cause failures with writing the checkpoint file" +
                 " due to the fact that this directory can be cleared by the OS");
         }
+        final Path basePath = Paths.get(baseDir.getPath());
+        final Path statePath = Paths.get(stateDir.getPath());
+        final Set<PosixFilePermission> perms = PosixFilePermissions.fromString("rwxr-x---");
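Review bot: the `"rwxr-x---"` literal on the `perms` line leaves the group with read and traverse access, while the PR title only promises that state stores are not readable by others, so the reason for the group bits should be recorded next to it. A short comment or a named constant would show that group `r-x` is deliberate. `Paths.get(baseDir.getPath())` and `Paths.get(stateDir.getPath())` can be written as `baseDir.toPath()` and `stateDir.toPath()` if these are `java.io.File` values, which the `getPath()` calls suggest. A `PosixFilePermission` set is only accepted by file systems that expose a POSIX attribute view, so the code that applies `perms` should cope with platforms that lack one.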

Review comment:
       I agree with what Bruno said for the reading. I think allowing execute for group members isn't a security risk, since it's still somewhat contained. I ran the streams test without having execute for group and I got an exception in `StreamTableJoinTopologyOptimizationIntegrationTest` test `shouldDoStreamTableJoinWithDifferentNumberOfPartitions`. It looks like the integration test utils weren't able to clear the directory because groups didn't have execute authorization. Since it doesn't seem like allowing groups to execute would constitute a security risk, it seems like this is a good thing to keep for testing capabilities.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org