Skip to content

[INLONG-1186][Doc] Update security doc#1187

Merged
dockerzhang merged 11 commits into
masterfrom
INLONG-1186
Jun 30, 2026
Merged

[INLONG-1186][Doc] Update security doc#1187
dockerzhang merged 11 commits into
masterfrom
INLONG-1186

Conversation

@fuweng11

Copy link
Copy Markdown
Contributor

Fixes #1186

Motivation

Update security doc.
Add tenant-related security model.
The Manager module in Apache InLong provides tenant isolation capabilities, enabling permission management based on tenants. Any member of a tenant can view all business information within that tenant, while only the responsible personnel of a Group can modify or delete Group, Sink, Stream, and related entities. We believe that if users want to ensure their business data is not accessible by others, they simply need to prevent other users from joining their tenant. Therefore, if potential vulnerabilities arise due to tenant members being able to access Group, Stream, or similar information within the same tenant, such issues should not be reported as security vulnerabilities in Apache InLong. We welcome suggestions for enhancing the codebase.

Modifications

Verifying this change

  • Make sure that the change passes the CI checks.

(Please pick either of the following options)

  • This change is a trivial rework/code cleanup without any test coverage.

  • This change is already covered by existing tests, such as:
    (please describe tests)

  • This change added tests and can be verified as follows:

    (example:)

    • Added integration tests for end-to-end deployment with large payloads (10MB)
    • Extended integration test for recovery after broker failure

Documentation

  • Does this pull request introduce a new feature? (yes / no)
  • If yes, how is the feature documented? (not applicable / docs / JavaDocs / not documented)
  • If a feature is not applicable for documentation, explain why?
  • If a feature is not documented yet in this PR, please create a followup issue for adding the documentation

@dockerzhang dockerzhang merged commit 940b14c into master Jun 30, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Improve][Doc] Update security doc

4 participants