hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-5740) Hadoop JSP pages don't work under a security manager
Date Mon, 27 Apr 2009 15:08:30 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-5740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12703159#action_12703159
] 

Steve Loughran commented on HADOOP-5740:
----------------------------------------

Both jetty and RMI make assumptions that aren't valid, and as as they are code that isnt in
the hadoop repository, it is up to the hadoop code to be changed to come to terms with their
(mistaken) assumptions. 

I'm also adding  my own code that tests the current policy and tries to add to it, printing
out some diagnostics (including the classname) if it isn't writable. This is handy as the
current policy may change over time. 

Is it ok to return a new empty permission collection on the getPermissions(CodeSource) call?
It won't impact hadoop's own code.

> Hadoop JSP pages don't work under a security manager
> ----------------------------------------------------
>
>                 Key: HADOOP-5740
>                 URL: https://issues.apache.org/jira/browse/HADOOP-5740
>             Project: Hadoop Core
>          Issue Type: Bug
>          Components: fs, mapred
>    Affects Versions: 0.21.0
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>            Priority: Minor
>
> When you run Hadoop under a security manager that says "yes" to all security checks,
you get stack traces when Jetty tries to initialise the JSP engine. Which implies you can't
use Jasper under a security manager

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message