Details

    • Type: Sub-task
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      In the kerberized environment, all the interpreter use the same keytab/principal, this is pretty dangerous. E.g. User A can use shell interpreter which run as user B to delete all the files owned by user B.

      Although some interpreter has implement its kerbosed usage, I just feel we might need to make a general impersonation framework for all the interpreter (If not possible for all interpreter, but at least this framework should cover most of the interpreter).

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                zjffdu Jeff Zhang
              • Votes:
                2 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated: