Remove stale warning for HTTP inputSource (#11907)

2021-11-12 18:27:14 -08:00 · 2021-11-12 18:27:14 -08:00 · f91868602d
parent 33a5cda061
commit f91868602d
1 changed files with 1 additions and 3 deletions
--- a/docs/ingestion/native-batch.md
+++ b/docs/ingestion/native-batch.md
@ -1218,9 +1218,7 @@ in `druid.ingestion.hdfs.allowedProtocols`. See [HDFS input source security conf

 The HTTP input source is to support reading files directly from remote sites via HTTP.

-> **NOTE:** Ingestion tasks run under the operating system account that runs the Druid processes, for example the Indexer, Middle Manager, and Peon. This means any user who can submit an ingestion task can specify an `HTTPInputSource` at any location where the Druid process has permissions. For example, using `HTTPInputSource`, a console user has access to internal network locations where the they would be denied access otherwise.
-
-> **WARNING:** `HTTPInputSource` is not limited to the HTTP or HTTPS protocols. It uses the Java `URI` class that supports HTTP, HTTPS, FTP, file, and jar protocols by default. This means you should never run Druid under the `root` account, because a user can use the file protocol to access any files on the local disk.
+> **NOTE:** Ingestion tasks run under the operating system account that runs the Druid processes, for example the Indexer, Middle Manager, and Peon. This means any user who can submit an ingestion task can specify an `HTTPInputSource` at any location where the Druid process has permissions. For example, using `HTTPInputSource`, a console user has access to internal network locations where they would be denied access otherwise.

 For more information about security best practices, see [Security overview](../operations/security-overview.md#best-practices).