You are viewing a plain text version of this content. The canonical link for it is here.
Posted to yarn-issues@hadoop.apache.org by "Sunil G (JIRA)" <ji...@apache.org> on 2018/05/11 10:40:00 UTC
[jira] [Reopened] (YARN-8249) Few REST api's in RMWebServices are
missing static user check
[ https://issues.apache.org/jira/browse/YARN-8249?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sunil G reopened YARN-8249:
---------------------------
> Few REST api's in RMWebServices are missing static user check
> -------------------------------------------------------------
>
> Key: YARN-8249
> URL: https://issues.apache.org/jira/browse/YARN-8249
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: webapp, yarn
> Affects Versions: 3.1.0
> Reporter: Sunil G
> Assignee: Sunil G
> Priority: Critical
> Fix For: 3.2.0, 3.1.1
>
> Attachments: YARN-8249.001.patch, YARN-8249.002.patch, YARN-8249.003.patch, YARN-8249.004.patch, YARN-8249.005.patch, YARN-8249.006.patch, YARN-8249.branch-2.001.patch
>
>
> Few REST endpoints like node label/ scheduler-conf etc are missing static user validation check. Writable apis should not be ran for static users. This is not a security hole as such as yarn.admin.acls will be configured to certain users in secure cluster correctly. However such a check will help to have same semantics across various apis.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org