  1. Hadoop YARN
  2. YARN-47

[Umbrella] Security issues in YARN

Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed

    Description

      JIRA tracking YARN related security issues.

      Moving over YARN only stuff from MAPREDUCE-3101.

        Issue Links

          Summary | Type | Status | Assignee
          1. RM-NM secret-keys should be randomly generated and rolled every so often | Sub-task | Closed | Vinod Kumar Vavilapalli
          2. Move to per-node RM-NM secrets | Sub-task | Open | Omkar Vinit Joshi
          3. Tests for verifying application-acl checks on the web-UI | Sub-task | Open | Unassigned
          4. Improve distributed shell application to work on a secure cluster | Sub-task | Closed | Vinod Kumar Vavilapalli
          5. Implement renewal / cancellation of Delegation Tokens | Sub-task | Closed | Siddharth Seth
          6. [MR-279] [Security] AM should not be able to abuse container tokens for repetitive container launches | Sub-task | Closed | Vinod Kumar Vavilapalli
          7. AM should not be able to abuse container tokens for repetitive container launches | Sub-task | Closed | Omkar Vinit Joshi
          8. NMs rejects all container tokens after secret key rolls | Sub-task | Closed | Vinod Kumar Vavilapalli
          9. ClientToAMSecretManager creates keys without checking for validity of the appID | Sub-task | Closed | Vinod Kumar Vavilapalli
          10. ClientTokens should be per app-attempt and be unregistered on App-finish. | Sub-task | Closed | Vinod Kumar Vavilapalli
          11. RM does not reject app submission with invalid tokens | Sub-task | Closed | Daryn Sharp
          12. ContainerManager APIs should be user accessible | Sub-task | Resolved | Unassigned
          13. NodeManager should use SecureIOUtils for serving and aggregating logs | Sub-task | Closed | Omkar Vinit Joshi
          14. Make ApplicationToken part of Container's token list to help RM-restart | Sub-task | Closed | Vinod Kumar Vavilapalli
          15. ClientToken (ClientToAMToken) should not be set in the environment | Sub-task | Closed | Omkar Vinit Joshi
          16. In unsecure mode, AM can fake resource requirements | Sub-task | Closed | Omkar Vinit Joshi
          17. RM doesn't retry token renewals | Sub-task | Resolved | Unassigned
          18. RM renews tokens even when maxDate will soon be exceeded | Sub-task | Open | Unassigned
          19. DelegationTokens will be renewed forever if multiple jobs share tokens and the first one sets JOB_CANCEL_DELEGATION_TOKEN to false | Sub-task | Open | Daryn Sharp
          20. AMTokens, ClientTokens and LocalizerTokens should be generated and used irrespective of kerberos | Sub-task | Open | Vinod Kumar Vavilapalli
          21. Create NM proxy per NM instead of per container | Sub-task | Closed | Omkar Vinit Joshi
          22. ApplicationTokens should be used irrespective of kerberos | Sub-task | Closed | Vinod Kumar Vavilapalli
          23. NM startContainer should validate the NodeId | Sub-task | Closed | Omkar Vinit Joshi
          24. Node manager is no longer required to store ContainerToken as it is required only during startContainer call. | Sub-task | Resolved | Omkar Vinit Joshi
          25. Parse html response returned by Application master when showing it via WebProxy | Sub-task | Open | Omkar Vinit Joshi
          26. RM triggers web auth failure before first job | Sub-task | Closed | Omkar Vinit Joshi
          27. Get queue administration ACLs working | Sub-task | Closed | Xuan Gong
          28. Add tests to verify that queue-admin-acls work with hierarchical queues | Sub-task | Open | Xuan Gong
          29. NodeManager should allow queue admins to view app-logs | Sub-task | Open | Xuan Gong
          30. NM is polluting container's credentials | Sub-task | Closed | Omkar Vinit Joshi
          31. Yarn and MRv2 should do HTTP client authentication in kerberos setup. | Sub-task | Closed | Omkar Vinit Joshi
          32. Start using NMTokens to authenticate all communication with NM | Sub-task | Closed | Omkar Vinit Joshi
          33. Share NMTokens using NMTokenCache (api-based) instead of memory based approach which is used currently. | Sub-task | Closed | Omkar Vinit Joshi
          34. Creating NMToken master key on RM and sharing it with NM as a part of RM-NM heartbeat. | Sub-task | Closed | Omkar Vinit Joshi
          35. Sending NMToken to AM on allocate call | Sub-task | Closed | Omkar Vinit Joshi
          36. ContainerManagerImpl should enforce token on server. Today it is [TOKEN, SIMPLE] | Sub-task | Closed | Omkar Vinit Joshi
          37. Queue admin ACLs should NOT be similar to submit-acls w.r.t hierarchy. | Sub-task | Open | Unassigned
          38. ClientToAMTokenMasterKey should be provided to AM at launch time | Sub-task | Closed | Jason Darrell Lowe

            People

              Assignee: Unassigned
              Reporter: Vinod Kumar Vavilapalli (vinodkv)
              Votes: 0
              Watchers: 7