Uploaded image for project: 'Geode'
  1. Geode
  2. GEODE-2919

Provide finer grained security

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.3.0
    • docs, security
    • None

    Description

      In our current security model, a user with DATA:MANAGE can create regions, create disk stores, WAN gateways etc. I think this is a very wide scope, because an administrator may want to give create region privilege to a developer, but not necessarily give them the ability to create disk stores or send the data in that region over WAN. I propose that we refine the security model to make it finer grained.

      Please see this discussion on the mailing list: https://lists.apache.org/thread.html/f96842276e93d8a6c3080ad3982c72431d62d1e7c717ebbc50941968@%3Cdev.geode.apache.org%3E

      Attachments

        Issue Links

          incorporates

          Bug - A problem which impairs or prevents the functions of the product. GEODE-1797 No gfsh commands are available to readonly members

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #604

          There are no Sub-Tasks for this issue.

          Activity

            People

              Unassigned Unassigned
              swapnil.bawaskar Swapnil Bawaskar
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: