I just installed Elasticsearch 6.4.3 on a fresh Ubuntu 18.04 system from the Apt repository. I noticed that the configuration files in
/etc/elasticsearch are writable by group elasticsearch, which the elasticsearch process runs as.
Is this correct? Configuration is usually only changed by the administrator, not by the application itself. Some applications provide a way to change their own configuration, but I don't this Elasticsearch does.
Any problem restricting access by removing the group writable bits?