hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Larry McCay <lmc...@hortonworks.com>
Subject Re: Fostering a Hadoop security dev community
Date Thu, 20 Jun 2013 16:45:01 GMT
It would be great to have dedicated resources like these.
One thing missing for cross cutting concerns like security is a source of
truth for a holistic view of the entire model.
A dedicated wiki space would allow for this view and facilitate the filing
of Jiras that align with the big picture.

On Thu, Jun 20, 2013 at 12:31 PM, Kevin Minder <kevin.minder@hortonworks.com
> wrote:

> Hi PMCs & Everyone,
> There are a number of significant, complex and overlapping efforts
> underway to improve the Hadoop security model.  Many involved are
> struggling to form this into a cohesive whole across the numerous Jiras and
> within the traffic of common-dev.  There has been a suggestion made that
> having two additional pieces of infrastructure might help.
> 1) Establish a security-dev mailing list similar to hdfs-dev, yarn-dev,
> mapreduce-dev, etc. that would help us have more focused interaction on
> non-vulnerability security topics.  I understand that this might "devalue"
> common-dev somewhat but the benefits might outweigh that.
> 2) Establish a corner of the wiki were cross cutting security design could
> be worked out more collaboratively than a doc rev upload mechanism.  I fear
> if we don't have this we will end up collaborating outside Apache
> infrastructure which seems inappropriate.  I understand the risk of losing
> context in the individual Jiras but again my sense is that the cohesiveness
> provided will outweigh the risk.
> I'm open to and interested in other suggestions for how others have solved
> these types of cross cutting collaboration challenges.
> Thanks.
> Kevin.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message