Issue Details (XML | Word | Printable)

Key: HADOOP-4343
Type: New Feature New Feature
Status: Open Open
Priority: Major Major
Assignee: Kan Zhang
Reporter: Kan Zhang
Votes: 0
Watchers: 14
Operations

If you were logged in you would be able to see more operations.
Hadoop Common

Adding user and service-to-service authentication to Hadoop

Created: 04/Oct/08 01:54 AM   Updated: 07/Oct/09 08:47 PM
Return to search
Component/s: None
Affects Version/s: None
Fix Version/s: None

Time Tracking:
Issue & Sub-Tasks
Issue Only
Not Specified

Issue Links:
Blocker
 
Reference

Sub-Tasks  All   Open   
1.
 adding delegation token implementation Sub-task Open Open Kan Zhang  

 Description  « Hide
Currently, Hadoop services do not authenticate users or other services. As a result, Hadoop is subject to the following security risks.

1. A user can access an HDFS or M/R cluster as any other user. This makes it impossible to enforce access control in an uncooperative environment. For example, file permission checking on HDFS can be easily circumvented.

2. An attacker can masquerade as Hadoop services. For example, user code running on a M/R cluster can register itself as a new TaskTracker.

This JIRA is intended to be a tracking JIRA, where we discuss requirements, agree on a general approach and identify subtasks. Detailed design and implementation are the subject of those subtasks.

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
No work has yet been logged on this issue.

Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators