Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/11/03 15:16:27 UTC
[jira] [Created] (AMBARI-13695) Minimize HDFS and other headless keytab distribution (security concerns)
Robert Levas created AMBARI-13695:
-------------------------------------
Summary: Minimize HDFS and other headless keytab distribution (security concerns)
Key: AMBARI-13695
URL: https://issues.apache.org/jira/browse/AMBARI-13695
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.0.0
Reporter: Robert Levas
Assignee: Robert Levas
Priority: Critical
Fix For: 2.1.3
Currently, we distribute the *hdfs* headless principal to pretty much every single host in the cluster.
Since *hdfs* is a super user in HDFS, if any one of the hdfs keytabs is compromised on any host, the user can do anything on HDFS.
We need to revisit and see if we can restrict the number of hosts to which we distribute the hdfs headless keytab.
For example, we can perform necessary HDFS operations on one of the master hosts available, rather than picking an arbitrary client / slave host as we do today.
Also, we should look into not only hdfs headless keytabs but all other headless ones like hbase, storm, etc.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)