hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8101) Security changes for Hadoop for Windows
Date Fri, 30 Mar 2012 17:02:30 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13242542#comment-13242542
] 

Aaron T. Myers commented on HADOOP-8101:
----------------------------------------

bq. Currently there is a pluggable module for obtaining a mapping via LDap and via shell commands.
We need a group mapping for windows.

FWIW, I'm fairly confident that the LDAP group mapping was specifically tested with Active
Directory when it was being implemented.

bq. Problem 2: HDFS and MR Impl Protecting its local OS resources from Tasks

Perhaps you were alluding to this, but to be explicit, I think the biggest hurdle with getting
secure Hadoop running on Windows will not be local file system permissions, but to get the
sandboxing enabled by the LTC and LCE to function as expected. Those components rely heavily
on Unix concepts such as seteuid/setegid, supplementary group list, group execution permissions
for binaries, signals, etc.
                
> Security changes for Hadoop for Windows
> ---------------------------------------
>
>                 Key: HADOOP-8101
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8101
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: native
>            Reporter: Sanjay Radia
>         Attachments: security.patch, security1.patch
>
>


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message