You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafodion.apache.org by "Hans Zeller (JIRA)" <ji...@apache.org> on 2017/03/30 00:55:41 UTC

[jira] [Comment Edited] (TRAFODION-2562) User ids for isolated UDRs

    [ https://issues.apache.org/jira/browse/TRAFODION-2562?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15948174#comment-15948174 ] 

Hans Zeller edited comment on TRAFODION-2562 at 3/30/17 12:55 AM:
------------------------------------------------------------------

Maybe we need more subtasks, but here is a list of things we probably will need:

* The installer should create at least 1 such id initially. This is the easiest place, since the installer has the needed privileges to create user ids on all nodes of the cluster. Ideally we would allow a list of ids as installer options.
* We need to keep track of these ids in the metadata.
* A library should be associated - optionally - with such an id. My proposal would be that we do this at the library level, not at the UDR level.
* We need DDL commands to create such an id, or at least a DDL command to register a Linux user id as an isolated user id. Also a command to unregister the id (may have to drop the Linux id separately).
* For each isolated user id we may need a copy of the tdm_udrserv executable owned by that id, with the setuid flag set, so that when the Trafodion engine starts this program it runs under the correct id.


was (Author: hzeller):
Maybe we need more subtasks, but here is a list of things we probably will need:

* The installer should create at least 1 such id initially. This is the easiest place, since the installer has the needed privileges to create user ids on all nodes of the cluster. Ideally we would allow a list of ids as installer options.
* We need to keep track of these ids in the metadata.
* A library should be associated - optionally - with such an id. My proposal would be that we do this at the library level, not at the UDR level.
* We need DDL commands to create such an id, or at least a DDL command to register a Linux user id as an isolated user id. Also a command to unregister the id (may have to drop the Linux id separately).

> User ids for isolated UDRs
> --------------------------
>
>                 Key: TRAFODION-2562
>                 URL: https://issues.apache.org/jira/browse/TRAFODION-2562
>             Project: Apache Trafodion
>          Issue Type: Sub-task
>          Components: sql-cmu
>    Affects Versions: 2.0-incubating
>            Reporter: Hans Zeller
>
> In order to implement "isolated" UDRs, we need to have a user id for the tdm_udrserv process that executes UDRs. Right now this process runs under the same user id as the Trafodion engine, which means that the system administrator has to trust the UDR writer to a great degree. Running UDRs with a user id that has no access to HBase and HDFS and to the internal resources of the Trafodion engine would reduce the required trust by a great deal.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)