Github user kjmrknsn commented on the issue:
https://github.com/apache/zeppelin/pull/2676
@Leemoonsoo
> In case of a note is cron scheduled and doesn't want anyone else edit the
notebook other than the cron execution user, wouldn't 'owner' of note remove
users from 'writers' and add them in 'readers'?
Yes, ideally, every Zeppelin user should do so. However, it's not realistic
to force every Zeppelin user to do so because almost all of them do not realize
this kind of security issue, it takes a huge effort to do so if there are a lot
of users and notebooks, or they might forget to do so. Thus, it is reasonable
and secure to do this kind of permission control at the Zeppelin system side
not the Zeppelin user side.
---
