user should enough for those care about this CVE.
> > >
> > > BTW, share 2 ideas to avoid secure problem:
> > > 1. limited commands like HDFSFileInterpreter
> > > 2. shell interpreter add options to runAs a lower privilege user on
> > demand , and
preter
> > 2. shell interpreter add options to runAs a lower privilege user on
> demand , and zeppelin needs to be launched by sudoer
> >
> >
> > On 2024/04/11 09:39:56 Jongyoul Lee wrote:
> >> Hello,
> >>
> >> I want to discuss Shell interpreter i
n demand ,
> and zeppelin needs to be launched by sudoer
>
>
> On 2024/04/11 09:39:56 Jongyoul Lee wrote:
>> Hello,
>>
>> I want to discuss Shell interpreter issue with you.
>>
>> For your information, we had a security report using Shell interpreter to
>
erpreter
2. shell interpreter add options to runAs a lower privilege user on demand ,
and zeppelin needs to be launched by sudoer
On 2024/04/11 09:39:56 Jongyoul Lee wrote:
> Hello,
>
> I want to discuss Shell interpreter issue with you.
>
> For your information, we had a se
ion would constitute, I agree with Michiel that we should update the
documentation and republish the shell interpreter.
Bill
On Thu, Apr 11, 2024 at 2:40 AM Jongyoul Lee wrote:
> Hello,
>
> I want to discuss Shell interpreter issue with you.
>
> For your information, we had a security
Hello,
I want to discuss Shell interpreter issue with you.
For your information, we had a security report using Shell interpreter to
execute malicious code with a system account. As you know, it's a kind of
characteristic of Apache Zeppelin but some contributors including me
thought it wa
