hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jakob Homan (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-1326) Provide pluggable mechanism for securing datanodes
Date Mon, 02 Aug 2010 18:02:16 GMT

    [ https://issues.apache.org/jira/browse/HDFS-1326?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12894625#action_12894625
] 

Jakob Homan commented on HDFS-1326:
-----------------------------------

This is for those for whom the jsvc solution doesn't work, as they have access to other methods
of securing and verifying that the process running on the datanodes' non-RPC ports really
is the datanode.  Some options that were brought up on 1150 including Solaris'  capabilities
to grant user access to privileged ports, or SELinux's ability to restrict who can bind to
high ports.  I opened this so we can make sure whatever we come up with will work reasonably
for as many users as possible.  Also, it would be good to maybe get HADOOP-6822 and HADOOP-6823
in some form so that Ops can see what method is running on their cluster.

> Provide pluggable mechanism for securing datanodes
> --------------------------------------------------
>
>                 Key: HDFS-1326
>                 URL: https://issues.apache.org/jira/browse/HDFS-1326
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: security
>            Reporter: Jakob Homan
>            Assignee: Jakob Homan
>
> As discussed in HDFS-1150, it would be good to allow datanodes to use other methods than
jsvc to secure their ports.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message