You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-issues@hadoop.apache.org by "Sumana Sathish (JIRA)" <ji...@apache.org> on 2017/07/27 18:22:00 UTC

[jira] [Created] (YARN-6891) Can kill other user's applications via RM UI

Sumana Sathish created YARN-6891:
------------------------------------

             Summary: Can kill other user's applications via RM UI
                 Key: YARN-6891
                 URL: https://issues.apache.org/jira/browse/YARN-6891
             Project: Hadoop YARN
          Issue Type: Bug
            Reporter: Sumana Sathish
            Assignee: Junping Du
            Priority: Critical


In a  secured cluster with UI unsecured which has following config
{code}
"hadoop.http.authentication.simple.anonymous.allowed" => "true"
"hadoop.http.authentication.type" => kerberos
{code}

UI can be accessed without any security setting.

Also any user can kill other user's applications via UI



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org