RM, NM, job history, and application master httpservers are not created with access Control lists. I believe this means that anyone can access any of the standard servlets that check to see if the user has administrator access - like /jmx, /stacks, etc and ops has no way to restrict access to these things.
|Assignee||Jonathan Eagles [ jeagles ]|
|Status||Patch Available [ 10002 ]||Open [ 1 ]|
|Status||Patch Available [ 10002 ]||Resolved [ 5 ]|
|Resolution||Fixed [ 1 ]|
|Fix Version/s||0.23.0 [ 12315570 ]|
|Status||Resolved [ 5 ]||Closed [ 6 ]|