You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@zookeeper.apache.org by Matt Wise <ma...@nextdoor.com> on 2012/12/27 17:30:48 UTC

ACLs Ephemeral Nodes?

Is there a way to set an ACL for an ephemeral node so that it cannot be deleted/modified by anybody other than the unique session ID that created it? It seems like if I have the following path layout and I set /servers so that its 'read only' to everyone, and a special digest auth has access to create/delete/modify it, that auth also has access to delete the nodes from it. 

> /servers/server1:22
> /servers/server2:22
> /servers/server3:22

Ideally, I'd like to say that a client needs special credentials to create a node in there (say: 'foo:bar').. but once that node is created, no other session ID can delete or change that node. However, it seems like the ability to delete a child node rests in the permissions of the parent directory, rather  than on that child node itself. Correct?

--Matt