hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-7621) alfredo config should be in a file not readable by users
Date Mon, 19 Sep 2011 23:45:08 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-7621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13108244#comment-13108244
] 

Aaron T. Myers commented on HADOOP-7621:
----------------------------------------

Hey Alejandro, patch looks pretty good to me. I manually tested it out on a secure cluster
and it worked like a charm. Just a few nits:

# In the docs, you didn't update the default value. The default value is no longer "hadoop",
but rather "$\{user.home\}/hadoop-http-auth-signature-secret".
# I don't think including ${user.home} in the default path is a good idea, since most users
will be deploying the HDFS and MR daemons as separate user accounts. Perhaps the default should
be {{/etc/hadoop/conf/hadoop-http-auth-signature-secret}}?
# Why do you read in the secret file only one character at a time? Granted, the file shouldn't
be very large, but if there's no reason to go character-by-character, then we might as well
read it a large-ish chunk at a time.
# Nit: {{catch(...)}} should be on the same line as the prior closing brace.

> alfredo config should be in a file not readable by users
> --------------------------------------------------------
>
>                 Key: HADOOP-7621
>                 URL: https://issues.apache.org/jira/browse/HADOOP-7621
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.20.205.0, 0.23.0, 0.24.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>            Priority: Critical
>             Fix For: 0.20.205.0, 0.23.0, 0.24.0
>
>         Attachments: HADOOP-7621.patch, HADOOP-7621.patch
>
>
> [thxs ATM for point this one out]
> Alfredo configuration currently is stored in the core-site.xml file, this file is readable
by users (it must be as Configuration defaults must be loaded).
> One of Alfredo config values is a secret which is used by all nodes to sign/verify the
authentication cookie.
> A user could get hold of this secret and forge authentication cookies for other users.
> Because of this the Alfredo configuration, should be move to a user non-readable file.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message