Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-4108

Apply sane defaults for upgrades to Zeppelin 0.8.0

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 0.8.0
    • Fix Version/s: None
    • Component/s: None
    • Labels:

      Description

      Reference: https://zeppelin.apache.org/docs/0.8.1/setup/operation/upgrading.html#breaking-changes-in-08x

      After upgrading to 0.8.0, we were left with all of the notebooks open to all users. In order to fix this, we created a python JSON parser to fill in the runner with the notebook owner. Any blank field should not leave any notebook open by default, the default should be no access, not all access. The security problem here is not that the field was left blank but the handling of that condition by Zeppelin.

      A sane default by pre-assigning the runner to the note owner is more ideal IMHO.

      Scripting this is a workaround, not a patch.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                mdeguzis Michael DeGuzis
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: