Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-9802 YARN Timeline Service v2 (post GA features)
  3. YARN-3401

[Security] users should not be able to create a generic TimelineEntity and associate arbitrary type

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • timelineserver
    • None

    Description

      IIUC it is possible for users to create a generic TimelineEntity and set an arbitrary entity type. For example, for a YARN app, the right entity API is ApplicationEntity. However, today nothing stops users from instantiating a base TimelineEntity class and set the application type on it. This presents a problem in handling these YARN system entities in the storage layer for example.

      We need to ensure that the API allows only the right type of the class to be created for a given entity type.

      Attachments

        Issue Links

          is related to

          Sub-task - The sub-task of the issue MAPREDUCE-6424 Store MR counters as timeline metrics instead of event

          • Major - Major loss of function.
          • Resolved

          Sub-task - The sub-task of the issue MAPREDUCE-6688 Store job configurations in Timeline Service v2

          • Major - Major loss of function.
          • Resolved
          relates to

          Sub-task - The sub-task of the issue YARN-3053 [Security] Review and implement authentication in ATS v.2

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              haibochen Haibo Chen
              sjlee0 Sangjin Lee
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated: