hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Devaraj Das (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-1150) Verify datanodes' identities to clients in secure clusters
Date Mon, 17 May 2010 04:48:44 GMT

    [ https://issues.apache.org/jira/browse/HDFS-1150?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868082#action_12868082
] 

Devaraj Das commented on HDFS-1150:
-----------------------------------

Allen, thanks for the review. Some of the comments are valid. On why we are using jsvc, we
didn't want to let the datanode run as root entirely. We wanted to only run whatever is minimally
required as root - the code to bind to the privileged ports. After the bind happens, privileges
are dropped. Jsvc handles these aspects quite well. The mapred setuid code cannot be used
for this purpose since we need to deal with a Java datanode process.. 

> Verify datanodes' identities to clients in secure clusters
> ----------------------------------------------------------
>
>                 Key: HDFS-1150
>                 URL: https://issues.apache.org/jira/browse/HDFS-1150
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: data-node
>    Affects Versions: 0.22.0
>            Reporter: Jakob Homan
>            Assignee: Jakob Homan
>         Attachments: HDFS-1150-y20.build-script.patch, HDFS-1150-Y20S-ready-5.patch,
HDFS-1150-Y20S-ready-6.patch, HDFS-1150-Y20S-ready-7.patch, HDFS-1150-Y20S-ready-8.patch,
HDFS-1150-Y20S-Rough-2.patch, HDFS-1150-Y20S-Rough-3.patch, HDFS-1150-Y20S-Rough-4.patch,
HDFS-1150-Y20S-Rough.txt
>
>
> Currently we use block access tokens to allow datanodes to verify clients' identities,
however we don't have a way for clients to verify the authenticity of the datanodes themselves.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message