Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-3350

Don't allow set cronExecutionUser

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • None
    • 0.8.0
    • None
    • None

    Description

      ZEPPELIN-3045 also try to fix the issue, but seems no update for a long time. This is a critical security issue for zeppelin. The cron module may need to revisit to redesign and improve, but as a quick fix, I think we can just don't allow set cronExecutionUser, and just run the note via the note owner. \cc moon felixcheung prabhjyotsingh@apache.com jongyoul thoughts ?

      Attachments

        Issue Links

          is related to

          Task - A task that needs to be done. ZEPPELIN-2385 Release 0.8.0

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #2914

          Activity

            People

              zjffdu Jeff Zhang
              zjffdu Jeff Zhang
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: