hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Owen O'Malley <omal...@apache.org>
Subject Re: Security Mechanisms in HDFS
Date Tue, 05 Jan 2010 19:29:37 GMT

On Jan 5, 2010, at 7:44 AM, Yu Xi wrote:

> Could any hadoop gurus tell me what kinds of security mechanisms are
> already(or planed to be) implemented in hadoop filesystem?

It looks like you've found the ones that are already there.  You can  
see my slides about it here:

http://www.slideshare.net/oom65/plugging-the-holes-security-and-compatability-in-hadoop

We are actively working on it and have published a design document here:

http://bit.ly/75011o

-- Owen


> I know there're some kind of Linux-like 9 bits(ie. ower,group,other)  
> access
> control existing in hdfs. Unfortunately there're no user  
> authentication
> modules. Seems like a big defect for hdfs since without  
> authentication, user
> authorization makes little sense.

It is enough to keep people from deleting things accidently, like the  
student that accidently deleted /Users.

> It has mentioned in the official HDFS docs
> that another Kerberos authentication module will be added to HDFS in  
> the
> future. Could anybody tell me when this will happen?

We are planning to be feature complete in Feb 2010. We are also back  
porting the changes into Yahoo's 20 branch as well as putting them  
into trunk.

-- Owen

Mime
View raw message