You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Devaraj Das (JIRA)" <ji...@apache.org> on 2011/08/11 20:08:31 UTC
[jira] [Resolved] (HADOOP-4343) Adding user and service-to-service
authentication to Hadoop
[ https://issues.apache.org/jira/browse/HADOOP-4343?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Devaraj Das resolved HADOOP-4343.
---------------------------------
Resolution: Fixed
Fix Version/s: 0.20.203.0
Eli, the authentication feature is there in 20-security and in trunk. It was just not closed.
> Adding user and service-to-service authentication to Hadoop
> -----------------------------------------------------------
>
> Key: HADOOP-4343
> URL: https://issues.apache.org/jira/browse/HADOOP-4343
> Project: Hadoop Common
> Issue Type: New Feature
> Reporter: Kan Zhang
> Assignee: Kan Zhang
> Priority: Blocker
> Fix For: 0.23.0, 0.20.203.0
>
>
> Currently, Hadoop services do not authenticate users or other services. As a result, Hadoop is subject to the following security risks.
> 1. A user can access an HDFS or M/R cluster as any other user. This makes it impossible to enforce access control in an uncooperative environment. For example, file permission checking on HDFS can be easily circumvented.
> 2. An attacker can masquerade as Hadoop services. For example, user code running on a M/R cluster can register itself as a new TaskTracker.
> This JIRA is intended to be a tracking JIRA, where we discuss requirements, agree on a general approach and identify subtasks. Detailed design and implementation are the subject of those subtasks.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira