hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-12625) Add a config to disable the /logs endpoints
Date Thu, 10 Dec 2015 03:03:11 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-12625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15049925#comment-15049925
] 

Hudson commented on HADOOP-12625:
---------------------------------

FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #680 (See [https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/680/])
HADOOP-12625. Add a config to disable the /logs endpoints (rkanter) (rkanter: rev e27fffdb9036d9ed9759d59b964020423b982e22)
* hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
* hadoop-common-project/hadoop-common/CHANGES.txt
* hadoop-common-project/hadoop-common/src/main/resources/core-default.xml
* hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/CommonConfigurationKeysPublic.java
* hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestHttpServerLogs.java


> Add a config to disable the /logs endpoints
> -------------------------------------------
>
>                 Key: HADOOP-12625
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12625
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.9.0
>            Reporter: Robert Kanter
>            Assignee: Robert Kanter
>             Fix For: 2.9.0
>
>         Attachments: HADOOP-12625.001.patch
>
>
> We should add a config to disable the /logs endpoint in HttpServer2. Listing a directory
like this can be dangerous from a security perspective.  We can keep it enabled by default
for compatibility though.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message