hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Wang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6406) Add capability for NFS gateway to reject connections from unprivileged ports
Date Fri, 16 May 2014 10:53:10 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13999051#comment-13999051

Andrew Wang commented on HDFS-6406:

Hey ATM, definitely a nice feature here. A few review comments:

- I believe privileged ports are [0-1023] inclusive, so 1024 actually isn't a privileged port.
Based on the comment in hdfs-default.xml, the correct value would actually be 1023.
- There's some ambiguity about setting a value of 0 for this config parameter. Zero isn't
positive or negative and also isn't a valid port (and thus not a valid config setting either),
but we don't WARN or abort on this. It might make sense to have 0 be the default special value
rather than introducing the special "-1", and then throwing some exception if a negative value
is set.
- Because of the above two comments, I'd prefer a boolean rather than specifying an int, which
seems more error prone. AFAIK you can't configure the privileged port range (which I think
is kind of the point), so I don't see much utility in being able to specify a range.
- This is a good opportunity to try out SLF4J if you're interested, since we can skip the
isDebugEnabled if wrappers
- Typo in test: "s/rung/run"

> Add capability for NFS gateway to reject connections from unprivileged ports
> ----------------------------------------------------------------------------
>                 Key: HDFS-6406
>                 URL: https://issues.apache.org/jira/browse/HDFS-6406
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: nfs
>    Affects Versions: 2.4.0
>            Reporter: Aaron T. Myers
>            Assignee: Aaron T. Myers
>         Attachments: HDFS-6406.patch, HDFS-6406.patch
> Many NFS servers have the ability to only accept client connections originating from
privileged ports. It would be nice if the HDFS NFS gateway had the same feature.

This message was sent by Atlassian JIRA

View raw message