hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jakob Homan (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-1150) Verify datanodes' identities to clients in secure clusters
Date Wed, 12 May 2010 22:15:43 GMT

    [ https://issues.apache.org/jira/browse/HDFS-1150?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12866762#action_12866762
] 

Jakob Homan commented on HDFS-1150:
-----------------------------------

The issue occurs when a client reads or writes blocks to a dn (and along the pipeline during
writing).  While the datanode is able to use the block access token to verify that the client
has permission to do so, the client has no way of verifying that it's talking to a genuine
datanode, rather than an imposter process that has come up on the datanode's port (say, after
the datanode has crashed). 

To correct this, rather than change the DataTransferProtocol, and potentially introduce bugs
into the write pipeline, we're looking at using the common's jsvc/daemon library to start
a secure datanode as root, grab the necessary resources (eg privileged ports) and then drop
privileges.  This allows clients a reasonable certainty that the datanode they're talking
to was started securely and is who they expect them to be.

> Verify datanodes' identities to clients in secure clusters
> ----------------------------------------------------------
>
>                 Key: HDFS-1150
>                 URL: https://issues.apache.org/jira/browse/HDFS-1150
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: data-node
>    Affects Versions: 0.22.0
>            Reporter: Jakob Homan
>            Assignee: Jakob Homan
>
> Currently we use block access tokens to allow datanodes to verify clients' identities,
however we don't have a way for clients to verify the authenticity of the datanodes themselves.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message