hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Allen Wittenauer ...@altiscale.com>
Subject Re: Hadoop Common: Why not re-use the Security model offered by SELINUX?
Date Thu, 26 Mar 2015 13:20:40 GMT

	How would you propose we use SELinux features to support security, especially in a distributed
manner where clients might be under different administrative controls?  What about the non-Linux
platforms that Hadoop runs on?  


On Mar 26, 2015, at 3:46 AM, Madhan Sundararajan <madhan.sundararajan@tcs.com> wrote:

> Team,
> 
> SELINUX was introduced to bring in a robust security management in Linux 
> OS.
> 
> In all distributions of Hadoop (Cloudera/Hortonworks/...) one of the 
> pre-installation checklist items is to disable SELINUX in all the nodes of 
> the cluster.
> 
> Why not re-use the security model offered by SELINUX setting instead of 
> re-inventing from scratch through Sentry/Knox/etc...?
> 
> Regards
> Madhan Sundararajan Devaki
> 
> Tata Consultancy Services Limited
> 415/21-24, Kumaran Nagar,
> Sholinganallur,
> Old Mahabalipuram,
> Chennai - 600 119,Tamil Nadu
> India
> Cell:- +91-9840141129
> Mailto: madhan.sundararajan@tcs.com
> Website: http://www.tcs.com
> ____________________________________________
> Experience certainty.   IT Services
>                        Business Solutions
>                        Consulting
> ____________________________________________
> =====-----=====-----=====
> Notice: The information contained in this e-mail
> message and/or attachments to it may contain 
> confidential or privileged information. If you are 
> not the intended recipient, any dissemination, use, 
> review, distribution, printing or copying of the 
> information contained in this e-mail message 
> and/or attachments to it are strictly prohibited. If 
> you have received this communication in error, 
> please notify us by reply e-mail or telephone and 
> immediately and permanently delete the message 
> and any attachments. Thank you
> 
> 


Mime
View raw message