hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (MAPREDUCE-3175) Yarn httpservers not created with access Control lists
Date Thu, 27 Oct 2011 06:36:32 GMT

    [ https://issues.apache.org/jira/browse/MAPREDUCE-3175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13136830#comment-13136830
] 

Hudson commented on MAPREDUCE-3175:
-----------------------------------

Integrated in Hadoop-Mapreduce-trunk-Commit #1180 (See [https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Commit/1180/])
    MAPREDUCE-3175. Add authorization to admin web-pages such as /stacks, /jmx etc. Contributed
by Jonathan Eagles.

acmurthy : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1189619
Files : 
* /hadoop/common/trunk/hadoop-mapreduce-project/CHANGES.txt
* /hadoop/common/trunk/hadoop-mapreduce-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/security/AdminACLsManager.java
* /hadoop/common/trunk/hadoop-mapreduce-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java
* /hadoop/common/trunk/hadoop-mapreduce-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/security/ApplicationACLsManager.java

                
> Yarn httpservers not created with access Control lists
> ------------------------------------------------------
>
>                 Key: MAPREDUCE-3175
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-3175
>             Project: Hadoop Map/Reduce
>          Issue Type: Sub-task
>          Components: mrv2
>    Affects Versions: 0.23.0
>            Reporter: Thomas Graves
>            Assignee: Jonathan Eagles
>            Priority: Blocker
>         Attachments: MAPREDUCE-3175.patch, MAPREDUCE-3175.patch, MAPREDUCE-3175.patch,
MAPREDUCE-3175.patch, MAPREDUCE-3175.patch
>
>
> RM, NM, job history, and application master httpservers are not created with access Control
lists. I believe this means that anyone can access any of the standard servlets that check
to see if the user has administrator access - like /jmx, /stacks, etc and ops has no way to
restrict access to these things.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message