[jira] [Created] (ZEPPELIN-2068) Change credentials.json and interpreter.json access permission to 0600

Ruslan Dautkhanov (JIRA) Mon, 06 Feb 2017 18:04:08 -0800

Ruslan Dautkhanov created ZEPPELIN-2068:
-------------------------------------------


             Summary: Change credentials.json and interpreter.json access 
permission to 0600
                 Key: ZEPPELIN-2068
                 URL: https://issues.apache.org/jira/browse/ZEPPELIN-2068
             Project: Zeppelin
          Issue Type: Improvement
    Affects Versions: 0.7.0
            Reporter: Ruslan Dautkhanov
            Priority: Critical


credentials.json and interpreter.json are created with default group-readable 
and world-readable permissions.

Both files can store passwords.

interpreter.json can store passwords, for example, if we have a custom 
repository - it'll be stored there clear text.

credentials.json obviously store passwords too

Please change default file permissions for credentials.json and 
interpreter.json to 0600.

Other users should not see clear text passwords.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (ZEPPELIN-2068) Change credentials.json and interpreter.json access permission to 0600

Reply via email to