hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Luke Lu (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (MAPREDUCE-3231) Improve Application Master And Job History UI Security
Date Fri, 21 Oct 2011 08:30:32 GMT

    [ https://issues.apache.org/jira/browse/MAPREDUCE-3231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13132511#comment-13132511
] 

Luke Lu commented on MAPREDUCE-3231:
------------------------------------

If I understand your proposal correctly, you're trying to invent a less powerful but "more
secure" alternative language to html/js/css for a trusted web server (essentially a proxy)
to assemble html/js/css for end users. Besides the complexity of the approach (e.g., you'll
have to at least invent a robust stream based json parser that can handle adversarial long
name and values, which doesn't exist yet (with a compatible open source license anyway), which
you seem to underestimate, it's a non-starter for deployments that do not require such security
and/or have a commercial transparent proxy that can handle the webapp security just fine.
A fundamental requirement for hadoop security is that it must be optional and pluggable. Your
proposal requires people to rewrite their webapps in your extremely restrictive way. It's
fundamentally wrong on so many levels. The web proxy design (in MAPREDUCE-2858) in conjunction
with code whitelisting can give user complete freedom in AM UI design, while adequately ensure
security when it's needed.

I'm strongly -1 on any proposal that impose mandatory significant restriction on people's
freedom to create their own web UI in the cloud/cluster/grid.
                
> Improve Application Master And Job History UI Security
> ------------------------------------------------------
>
>                 Key: MAPREDUCE-3231
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-3231
>             Project: Hadoop Map/Reduce
>          Issue Type: Improvement
>          Components: mrv2
>    Affects Versions: 0.23.0
>            Reporter: Robert Joseph Evans
>            Assignee: Robert Joseph Evans
>         Attachments: AMWebSecurityProposal.pdf
>
>
> I propose a stripped down JSON based protocol for creating safe user generate web pages.
 This JIRA is intended first of all as a place for a discussion about this proposal, and then
if there are no serious objections this will be an Umbrella JIRA to implement the changes
proposed.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

Mime
View raw message