Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Blocker Blocker
    • Resolution: Fixed
    • Affects Version/s: 0.23.0
    • Fix Version/s: 0.23.0
    • Component/s: mrv2
    • Labels:
      None

      Description

      RM, NM, job history, and application master httpservers are not created with access Control lists. I believe this means that anyone can access any of the standard servlets that check to see if the user has administrator access - like /jmx, /stacks, etc and ops has no way to restrict access to these things.

      1. MAPREDUCE-3175.patch
        18 kB
        Jonathan Eagles
      2. MAPREDUCE-3175.patch
        22 kB
        Jonathan Eagles
      3. MAPREDUCE-3175.patch
        19 kB
        Jonathan Eagles
      4. MAPREDUCE-3175.patch
        8 kB
        Jonathan Eagles
      5. MAPREDUCE-3175.patch
        8 kB
        Jonathan Eagles

        Issue Links

          Activity

            People

            • Assignee:
              Jonathan Eagles
              Reporter:
              Thomas Graves
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development