Uploaded image for project: 'Hadoop Map/Reduce'
  1. Hadoop Map/Reduce
  2. MAPREDUCE-3101 [Umbrella] Security issues in YARN
  3. MAPREDUCE-3175

Yarn httpservers not created with access Control lists

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Closed
    • Blocker
    • Resolution: Fixed
    • 0.23.0
    • 0.23.0
    • mrv2
    • None

    Description

      RM, NM, job history, and application master httpservers are not created with access Control lists. I believe this means that anyone can access any of the standard servlets that check to see if the user has administrator access - like /jmx, /stacks, etc and ops has no way to restrict access to these things.

      Attachments

        1. MAPREDUCE-3175.patch
          8 kB
          Jonathan Turner Eagles
        2. MAPREDUCE-3175.patch
          8 kB
          Jonathan Turner Eagles
        3. MAPREDUCE-3175.patch
          19 kB
          Jonathan Turner Eagles
        4. MAPREDUCE-3175.patch
          22 kB
          Jonathan Turner Eagles
        5. MAPREDUCE-3175.patch
          18 kB
          Jonathan Turner Eagles

        Issue Links

          is blocked by

          Sub-task - The sub-task of the issue MAPREDUCE-3104 Implement Application ACLs, Queue ACLs and their interaction

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-7764 Allow both ACL list and global path spec filters to HttpServer

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Activity

            People

              jeagles Jonathan Turner Eagles
              tgraves Thomas Graves
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: