Ambari / AMBARI-13695

Minimize HDFS and other headless keytab distribution (security concerns)

Details

    Description

      Currently, we distribute the hdfs headless principal to pretty much every single host in the cluster.
      Since hdfs is a super user in HDFS, if any one of the hdfs keytabs is compromised on any host, the user can do anything on HDFS.
      We need to revisit and see if we can restrict the number of hosts to which we distribute the hdfs headless keytab.
      For example, we can perform necessary HDFS operations on one of the master hosts available, rather than picking an arbitrary client / slave host as we do today.
      Also, we should look into not only hdfs headless keytabs but all other headless ones like hbase, storm, etc.
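
One way to measure the exposure described above, as an added example that is not part of the original issue or of Ambari's code: it parses `klist -kt` output collected per host, treats a principal with no `/instance` part as headless, and reports which hosts hold each headless principal outside an allowed set. The hostnames, realm, principal names and allowed set are constructed for illustration, and MIT-style `klist` output is assumed.

```python
import re
from collections import defaultdict

# Constructed sample: `klist -kt` output gathered from each host's keytabs.
HEADER = "KVNO Timestamp           Principal\n---- ------------------- ---------\n"
SAMPLE = {
    "master1.example.com": HEADER
        + "   1 11/02/2015 10:00:00 hdfs@EXAMPLE.COM\n"
        + "   1 11/02/2015 10:00:00 nn/master1.example.com@EXAMPLE.COM\n",
    "worker1.example.com": HEADER
        + "   1 11/02/2015 10:00:00 hdfs@EXAMPLE.COM\n"
        + "   1 11/02/2015 10:00:00 dn/worker1.example.com@EXAMPLE.COM\n",
    "worker2.example.com": HEADER
        + "   1 11/02/2015 10:00:00 hdfs@EXAMPLE.COM\n"
        + "   1 11/02/2015 10:00:00 hbase@EXAMPLE.COM\n",
}

# An entry line starts with the KVNO; the principal is the last field.
ENTRY = re.compile(r"^\s*\d+\s+(?:.*\s)?(\S+@\S+)\s*$")

def principals(klist_output):
    """Return the set of principals listed in one klist output."""
    return {m.group(1) for line in klist_output.splitlines()
            if (m := ENTRY.match(line))}

def is_headless(principal):
    """Headless principals have no /instance (host) component."""
    return "/" not in principal.rsplit("@", 1)[0]

def headless_spread(listings):
    """Map each headless principal to the sorted hosts holding its key."""
    spread = defaultdict(set)
    for host, output in listings.items():
        for p in principals(output):
            if is_headless(p):
                spread[p].add(host)
    return {p: sorted(hosts) for p, hosts in spread.items()}

def excess_hosts(listings, allowed):
    """Hosts holding a headless key although not in the allowed set."""
    result = {}
    for p, hosts in headless_spread(listings).items():
        extra = [h for h in hosts if h not in allowed]
        if extra:
            result[p] = extra
    return result

if __name__ == "__main__":
    # Assumption: only the master host should hold headless keytabs.
    for p, hosts in sorted(excess_hosts(SAMPLE, {"master1.example.com"}).items()):
        print(f"{p}: present on {len(hosts)} unexpected host(s): {', '.join(hosts)}")
```
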

            People

              rlevas Robert Levas