Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-4487

Security features for Hadoop

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 0.22.0
    • security
    • None

    Description

      This is a top-level tracking JIRA for security work we are doing in Hadoop. Please add reference to this when opening new security related JIRAs.

      Attachments

        1. security-design.pdf
          322 kB
          Owen O'Malley

        Issue Links

          incorporates

          Bug - A problem which impairs or prevents the functions of the product. MAPREDUCE-720 Task logs should have right access-control

          • Major - Major loss of function.
          • Resolved
          is depended upon by

          Sub-task - The sub-task of the issue HBASE-2016 [DAC] Authentication

          • Major - Major loss of function.
          • Closed
          is duplicated by

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-6960 Hadoop Security Design

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is related to

          Sub-task - The sub-task of the issue MAPREDUCE-189 Change Map-Reduce framework to use JAAS instead of UGI

          • Major - Major loss of function.
          • Resolved

          Sub-task - The sub-task of the issue MAPREDUCE-181 Secure job submission

          • Major - Major loss of function.
          • Closed

          Sub-task - The sub-task of the issue MAPREDUCE-1026 Shuffle should be secure

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-4850 Fix IPC Client to not use UGI

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-4851 Change filesystem permissions to use JAAS rather than UGI

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-6151 The servlets should quote html characters

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. MAPREDUCE-563 Security features for Map/Reduce

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. AVRO-341 specify avro transport in spec

          • Major - Major loss of function.
          • Open

          Improvement - An improvement or enhancement to an existing feature or task. GIRAPH-211 Add secure authentication to Netty IPC

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-4853 Improvement to IPC

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-3953 Sticky bit for directories

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-4656 Add a user to groups mapping service

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-6299 Use JAAS LoginContext for our login

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HBASE-1697 Discretionary access control

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. HADOOP-9621 Document/analyze current Hadoop security model

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open
          relates to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-6572 RPC responses may be out-of-order with respect to SASL

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-5405 Adding support for HDFS proxy

          • Major - Major loss of function.
          • Resolved

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-6581 Add authenticated TokenIdentifiers to UGI so that they can be used for authorization

          • Major - Major loss of function.
          • Resolved

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-4343 Adding user and service-to-service authentication to Hadoop

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-4348 Adding service-level authorization to Hadoop

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-4359 Access Token: Support for data access authorization checking on DataNodes

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-6415 Adding a common token interface for both job token and delegation token

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-6419 Change RPC layer to support SASL based mutual authentication

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-6510 doAs for proxy user

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HDFS-992 Re-factor block access token implementation to conform to the generic Token interface in Common

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HDFS-1150 Verify datanodes' identities to clients in secure clusters

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. MAPREDUCE-1335 Add SASL DIGEST-MD5 authentication to TaskUmbilicalProtocol

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. MAPREDUCE-1338 need security keys storage solution

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. ZOOKEEPER-938 Support Kerberos authentication of clients.

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HDFS-1305 Enabling Kerberos based authentication on BackupNode

          • Major - Major loss of function.
          • Open

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-4453 Improve ssl handling for distcp

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-6367 Move Access Token implementation from Common to HDFS

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-6543 Allow authentication-enabled RPC clients to connect to authentication-disabled RPC servers

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-6584 Provide Kerberized SSL encryption for webservices

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-6589 Better error messages for RPC clients when authentication fails

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. MAPREDUCE-1250 Refactor job token to use a common token interface

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. HADOOP-8357 Restore security in Hadoop 0.22 branch

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              kzhang Kan Zhang
              kzhang Kan Zhang
              Votes:
              0 Vote for this issue
              Watchers:
              41 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: