[DRILL-4627] Drill should protect data placed into Zookeeper/ZK - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
- security

Description

Drill is striving to improve it's security posture and is improving rapidly.

One key item in a secure system is protection of all relevant data that an attacker could use to cause harm. Today Drill does not protect the data in ZK. This means that an attacker could alter it.

I recommend that Drill create appropriate ZK ACLs on the data in ZK and establish an appropriate authentication mechanism to ZK - that's likely Kerberos for most Hadoop clusters but MapR Native Security for MapR.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Keys Botzum

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 22/Apr/16 19:34

Updated:: 30/Aug/16 21:44