[#MAPREDUCE-181] Secure job submission

Hadoop Map/Reduce

MAPREDUCE-563

Secure job submission

Created: 17/Jun/08 06:08 AM Updated: Today 09:29 AM

Return to search

Component/s:

None

Affects Version/s:

None

Fix Version/s:

0.22.0

Time Tracking:

Not Specified

File Attachments:

File Name	Date Attached	Attached By	Size
181-1.patch	2009-11-03 09:35 PM	Devaraj Das	106 kB
181-2.patch	2009-12-01 09:29 AM	Devaraj Das	161 kB
hadoop-3578-branch-20-example-2.patch	2009-07-28 04:25 AM	Amar Kamat	10 kB
hadoop-3578-branch-20-example.patch	2009-06-12 10:19 AM	Amar Kamat	24 kB
HADOOP-3578-v2.6.patch	2009-04-24 02:22 PM	Amar Kamat	67 kB
HADOOP-3578-v2.7.patch	2009-05-11 12:26 PM	Amar Kamat	67 kB
MAPRED-181-v3.32.patch	2009-10-05 06:24 AM	Amar Kamat	159 kB
MAPRED-181-v3.8.patch	2009-08-30 07:57 PM	Amar Kamat	124 kB

Issue Links:

Blocker

This issue blocks:

~~HADOOP-4991~~ Reduce task getting map output over HTTP should have right access control

MAPREDUCE-246 Job recovery should fail or kill a job that fails ACL checks upon restart, if the job was running previously

This issue is blocked by:

MAPREDUCE-173 JobConf should also load resources from hdfs (or other filesystems)

~~HADOOP-5737~~ UGI checks in testcases are broken

Reference

This issue relates to:

HADOOP-4487 Security features for Hadoop

Description

« Hide

Currently the jobclient accesses the mapred.system.dir to add job details. Hence the mapred.system.dir has the permissions of rwx-wx-wx. This could be a security loophole where the job files might get overwritten/tampered after the job submission.

All

Comments

Work Log

Change History

Subversion Commits

Sort Order:

There are no subversion log entries for this issue yet.