Details
-
Bug
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
None
-
None
-
None
Description
Drill is striving to improve it's security posture and is improving rapidly.
One key item in a secure system is protection of all relevant data that an attacker could use to cause harm. Today Drill does not protect the data in ZK. This means that an attacker could alter it.
I recommend that Drill create appropriate ZK ACLs on the data in ZK and establish an appropriate authentication mechanism to ZK - that's likely Kerberos for most Hadoop clusters but MapR Native Security for MapR.