You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by Xun Liu <ne...@163.com> on 2019/05/23 14:27:40 UTC
[discuss] if runners permission is empty, every authenticated user
can view the notebook
Hi Folks,
https://issues.apache.org/jira/browse/ZEPPELIN-4167 <https://issues.apache.org/jira/browse/ZEPPELIN-4167>
if runners permission is empty, every authenticated user can view the notebook.
I also think that if you don't set permissions, you shouldn't use anyone.
This is more rigorous, More secure.
Look at everyone's opinions, how?
Re: [discuss] if runners permission is empty, every authenticated
user can view the notebook
Posted by Jeff Zhang <zj...@gmail.com>.
Created https://jira.apache.org/jira/browse/ZEPPELIN-4170
Paul Brenner <pb...@placeiq.com> 于2019年5月24日周五 下午7:55写道:
> That sounds very reasonable and would work well for us.
>
>
>
> PAUL BRENNER
>
> Head of Data Science
> pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
> twitter @placeiq <https://twitter.com/PlaceIQ> linkedin /placeiq
> <https://www.linkedin.com/company/placeiq/>
> [image: Cannes in View]
> <http://pages.placeiq.com/FY19Q2-CannesMeeting_LP-Registration.html>
> [image: PlaceIQ: Oracle Data Cloud Premier Data Provider]
> <http://go.placeiq.com/WC01DPG0l0N3Gq000000e00>
>
>
>
>
>
> On May 24, 2019, 2:17 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
>
> Hi Paul,
>
> The default value of Reader is all the users make sense for me, but
> regarding the Writer/Runner, it seems better to be the owner user by
> default. Will that affect your existing installation ?
>
> Paul Brenner <pb...@placeiq.com> 于2019年5月23日周四 下午10:54写道:
>
> If I’m understanding correctly, this is exactly how we want zeppelin to
> behave in our environment: We want all notebooks to be viewable by anyone
> who can authenticate into our zeppelin server. I would hate to lose this
> feature or suddenly be required to change permissions on every created
> notebook to make sure they remain viewable. We use zeppelin to share
> notebooks within teams so don’t want this to be locked down by default.
>
> If a change is made, would it be possible to do it as an option that we
> could turn off so we can continue to use zeppelin as is?
>
>
>
>
>
> PAUL BRENNER
>
> Head of Data Science
> pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
> twitter @placeiq <https://twitter.com/PlaceIQ> linkedin /placeiq
> <https://www.linkedin.com/company/placeiq/>
> [image: Cannes in View]
> <http://pages.placeiq.com/FY19Q2-CannesMeeting_LP-Registration.html>
> [image: PlaceIQ: Oracle Data Cloud Premier Data Provider]
> <http://go.placeiq.com/WC01DPG0l0N3Gq000000e00>
>
>
>
>
>
> On May 23, 2019, 10:44 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
>
> I think the default value should be the user who created the note.
>
>
> Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
>
> Hi Folks,
>
> https://issues.apache.org/jira/browse/ZEPPELIN-4167
> if runners permission is empty, every authenticated user can view the
> notebook.
>
> I also think that if you don't set permissions, you shouldn't use anyone.
> This is more rigorous, More secure.
>
> Look at everyone's opinions, how?
>
>
>
>
> --
> Best Regards
>
> Jeff Zhang
>
>
>
> --
> Best Regards
>
> Jeff Zhang
>
>
--
Best Regards
Jeff Zhang
Re: [discuss] if runners permission is empty, every
authenticated user can view the notebook
Posted by Paul Brenner <pb...@placeiq.com>.
That sounds very reasonable and would work well for us.
PAUL BRENNER
Head of Data Science
pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
twitter @placeiq linkedin /placeiq
On May 24, 2019, 2:17 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
> Hi Paul,
>
> The default value of Reader is all the users make sense for me, but regarding the Writer/Runner, it seems better to be the owner user by default. Will that affect your existing installation ?
>
> > Paul Brenner <pb...@placeiq.com> 于2019年5月23日周四 下午10:54写道:
> > > If I’m understanding correctly, this is exactly how we want zeppelin to behave in our environment: We want all notebooks to be viewable by anyone who can authenticate into our zeppelin server. I would hate to lose this feature or suddenly be required to change permissions on every created notebook to make sure they remain viewable. We use zeppelin to share notebooks within teams so don’t want this to be locked down by default.
> > >
> > > If a change is made, would it be possible to do it as an option that we could turn off so we can continue to use zeppelin as is?
> > >
> > >
> > >
> > >
> > >
> > > PAUL BRENNER
> > > Head of Data Science
> > > pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
> > > twitter @placeiq linkedin /placeiq
> > >
> > >
> > >
> > >
> > >
> > > On May 23, 2019, 10:44 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
> > > > I think the default value should be the user who created the note.
> > > >
> > > >
> > > > > Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
> > > > > > Hi Folks,
> > > > > >
> > > > > > https://issues.apache.org/jira/browse/ZEPPELIN-4167
> > > > > > if runners permission is empty, every authenticated user can view the notebook.
> > > > > >
> > > > > > I also think that if you don't set permissions, you shouldn't use anyone.
> > > > > > This is more rigorous, More secure.
> > > > > >
> > > > > > Look at everyone's opinions, how?
> > > > > >
> > > > > >
> > > >
> > > >
> > > > --
> > > > Best Regards
> > > >
> > > > Jeff Zhang
>
>
> --
> Best Regards
>
> Jeff Zhang
Re: [discuss] if runners permission is empty, every authenticated
user can view the notebook
Posted by Jeff Zhang <zj...@gmail.com>.
Hi Paul,
The default value of Reader is all the users make sense for me, but
regarding the Writer/Runner, it seems better to be the owner user by
default. Will that affect your existing installation ?
Paul Brenner <pb...@placeiq.com> 于2019年5月23日周四 下午10:54写道:
> If I’m understanding correctly, this is exactly how we want zeppelin to
> behave in our environment: We want all notebooks to be viewable by anyone
> who can authenticate into our zeppelin server. I would hate to lose this
> feature or suddenly be required to change permissions on every created
> notebook to make sure they remain viewable. We use zeppelin to share
> notebooks within teams so don’t want this to be locked down by default.
>
> If a change is made, would it be possible to do it as an option that we
> could turn off so we can continue to use zeppelin as is?
>
>
>
>
>
> PAUL BRENNER
>
> Head of Data Science
> pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
> twitter @placeiq <https://twitter.com/PlaceIQ> linkedin /placeiq
> <https://www.linkedin.com/company/placeiq/>
> [image: Cannes in View]
> <http://pages.placeiq.com/FY19Q2-CannesMeeting_LP-Registration.html>
> [image: PlaceIQ: Oracle Data Cloud Premier Data Provider]
> <http://go.placeiq.com/WC01DPG0l0N3Gq000000e00>
>
>
>
>
>
> On May 23, 2019, 10:44 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
>
> I think the default value should be the user who created the note.
>
>
> Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
>
> Hi Folks,
>
> https://issues.apache.org/jira/browse/ZEPPELIN-4167
> if runners permission is empty, every authenticated user can view the
> notebook.
>
> I also think that if you don't set permissions, you shouldn't use anyone.
> This is more rigorous, More secure.
>
> Look at everyone's opinions, how?
>
>
>
>
> --
> Best Regards
>
> Jeff Zhang
>
>
--
Best Regards
Jeff Zhang
Re: [discuss] if runners permission is empty, every authenticated
user can view the notebook
Posted by Jeff Zhang <zj...@gmail.com>.
Do it via configuration make sense to me.
Paul Brenner <pb...@placeiq.com> 于2019年5月23日周四 下午10:54写道:
> If I’m understanding correctly, this is exactly how we want zeppelin to
> behave in our environment: We want all notebooks to be viewable by anyone
> who can authenticate into our zeppelin server. I would hate to lose this
> feature or suddenly be required to change permissions on every created
> notebook to make sure they remain viewable. We use zeppelin to share
> notebooks within teams so don’t want this to be locked down by default.
>
> If a change is made, would it be possible to do it as an option that we
> could turn off so we can continue to use zeppelin as is?
>
>
>
>
>
> PAUL BRENNER
>
> Head of Data Science
> pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
> twitter @placeiq <https://twitter.com/PlaceIQ> linkedin /placeiq
> <https://www.linkedin.com/company/placeiq/>
> [image: Cannes in View]
> <http://pages.placeiq.com/FY19Q2-CannesMeeting_LP-Registration.html>
> [image: PlaceIQ: Oracle Data Cloud Premier Data Provider]
> <http://go.placeiq.com/WC01DPG0l0N3Gq000000e00>
>
>
>
>
>
> On May 23, 2019, 10:44 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
>
> I think the default value should be the user who created the note.
>
>
> Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
>
> Hi Folks,
>
> https://issues.apache.org/jira/browse/ZEPPELIN-4167
> if runners permission is empty, every authenticated user can view the
> notebook.
>
> I also think that if you don't set permissions, you shouldn't use anyone.
> This is more rigorous, More secure.
>
> Look at everyone's opinions, how?
>
>
>
>
> --
> Best Regards
>
> Jeff Zhang
>
>
--
Best Regards
Jeff Zhang
Re: [discuss] if runners permission is empty, every authenticated
user can view the notebook
Posted by Jeff Zhang <zj...@gmail.com>.
Do it via configuration make sense to me.
Paul Brenner <pb...@placeiq.com> 于2019年5月23日周四 下午10:54写道:
> If I’m understanding correctly, this is exactly how we want zeppelin to
> behave in our environment: We want all notebooks to be viewable by anyone
> who can authenticate into our zeppelin server. I would hate to lose this
> feature or suddenly be required to change permissions on every created
> notebook to make sure they remain viewable. We use zeppelin to share
> notebooks within teams so don’t want this to be locked down by default.
>
> If a change is made, would it be possible to do it as an option that we
> could turn off so we can continue to use zeppelin as is?
>
>
>
>
>
> PAUL BRENNER
>
> Head of Data Science
> pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
> twitter @placeiq <https://twitter.com/PlaceIQ> linkedin /placeiq
> <https://www.linkedin.com/company/placeiq/>
> [image: Cannes in View]
> <http://pages.placeiq.com/FY19Q2-CannesMeeting_LP-Registration.html>
> [image: PlaceIQ: Oracle Data Cloud Premier Data Provider]
> <http://go.placeiq.com/WC01DPG0l0N3Gq000000e00>
>
>
>
>
>
> On May 23, 2019, 10:44 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
>
> I think the default value should be the user who created the note.
>
>
> Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
>
> Hi Folks,
>
> https://issues.apache.org/jira/browse/ZEPPELIN-4167
> if runners permission is empty, every authenticated user can view the
> notebook.
>
> I also think that if you don't set permissions, you shouldn't use anyone.
> This is more rigorous, More secure.
>
> Look at everyone's opinions, how?
>
>
>
>
> --
> Best Regards
>
> Jeff Zhang
>
>
--
Best Regards
Jeff Zhang
Re: [discuss] if runners permission is empty, every
authenticated user can view the notebook
Posted by Paul Brenner <pb...@placeiq.com>.
If I’m understanding correctly, this is exactly how we want zeppelin to behave in our environment: We want all notebooks to be viewable by anyone who can authenticate into our zeppelin server. I would hate to lose this feature or suddenly be required to change permissions on every created notebook to make sure they remain viewable. We use zeppelin to share notebooks within teams so don’t want this to be locked down by default.
If a change is made, would it be possible to do it as an option that we could turn off so we can continue to use zeppelin as is?
PAUL BRENNER
Head of Data Science
pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
twitter @placeiq linkedin /placeiq
On May 23, 2019, 10:44 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
> I think the default value should be the user who created the note.
>
>
> > Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
> > > Hi Folks,
> > >
> > > https://issues.apache.org/jira/browse/ZEPPELIN-4167
> > > if runners permission is empty, every authenticated user can view the notebook.
> > >
> > > I also think that if you don't set permissions, you shouldn't use anyone.
> > > This is more rigorous, More secure.
> > >
> > > Look at everyone's opinions, how?
> > >
> > >
>
>
> --
> Best Regards
>
> Jeff Zhang
Re: [discuss] if runners permission is empty, every
authenticated user can view the notebook
Posted by Paul Brenner <pb...@placeiq.com>.
If I’m understanding correctly, this is exactly how we want zeppelin to behave in our environment: We want all notebooks to be viewable by anyone who can authenticate into our zeppelin server. I would hate to lose this feature or suddenly be required to change permissions on every created notebook to make sure they remain viewable. We use zeppelin to share notebooks within teams so don’t want this to be locked down by default.
If a change is made, would it be possible to do it as an option that we could turn off so we can continue to use zeppelin as is?
PAUL BRENNER
Head of Data Science
pbrenner@placeiq.com | (217) 390-3033 | www.placeiq.com
twitter @placeiq linkedin /placeiq
On May 23, 2019, 10:44 AM -0400, Jeff Zhang <zj...@gmail.com>, wrote:
> I think the default value should be the user who created the note.
>
>
> > Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
> > > Hi Folks,
> > >
> > > https://issues.apache.org/jira/browse/ZEPPELIN-4167
> > > if runners permission is empty, every authenticated user can view the notebook.
> > >
> > > I also think that if you don't set permissions, you shouldn't use anyone.
> > > This is more rigorous, More secure.
> > >
> > > Look at everyone's opinions, how?
> > >
> > >
>
>
> --
> Best Regards
>
> Jeff Zhang
Re: [discuss] if runners permission is empty, every authenticated
user can view the notebook
Posted by Jeff Zhang <zj...@gmail.com>.
I think the default value should be the user who created the note.
Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
> Hi Folks,
>
> https://issues.apache.org/jira/browse/ZEPPELIN-4167
> if runners permission is empty, every authenticated user can view the
> notebook.
>
> I also think that if you don't set permissions, you shouldn't use anyone.
> This is more rigorous, More secure.
>
> Look at everyone's opinions, how?
>
>
>
--
Best Regards
Jeff Zhang
Re: [discuss] if runners permission is empty, every authenticated
user can view the notebook
Posted by Jeff Zhang <zj...@gmail.com>.
I think the default value should be the user who created the note.
Xun Liu <ne...@163.com> 于2019年5月23日周四 下午10:28写道:
> Hi Folks,
>
> https://issues.apache.org/jira/browse/ZEPPELIN-4167
> if runners permission is empty, every authenticated user can view the
> notebook.
>
> I also think that if you don't set permissions, you shouldn't use anyone.
> This is more rigorous, More secure.
>
> Look at everyone's opinions, how?
>
>
>
--
Best Regards
Jeff Zhang