hadoop-mapreduce-issues mailing list archives

From "Robert Joseph Evans (Updated) (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (MAPREDUCE-2858) MRv2 WebApp Security
Date Tue, 25 Oct 2011 16:20:33 GMT

     [ https://issues.apache.org/jira/browse/MAPREDUCE-2858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robert Joseph Evans updated MAPREDUCE-2858:
-------------------------------------------

    Attachment: MR-2858.txt
                MR-2858-branch-0.23.txt

It took me a bit longer to run through all of the tests again than I expected.

The following have changed in this patch.  

# Hamlet is now used to generate the error and warning pages (@Luke if you could tell me where the security errors were in the previous patch I would appreciate it.  This is just for my own knowledge and will not impact the patch)
# The URL no longer stores the state of user approval (CHECKED/NEEDSCHECK).  A cookie called checked_<app_id> is used.  If it is set to "true" then the user is considered to be approved.  If the warning page has been displayed to the user and they have not approved it yet then it is set to "false".  The user can switch the value of the cookie to true by adding a query parameter proxyapproved=true.  This query parameter is ignored if the cookie is not set.  This forces the user to see the page either way.
# I removed the proxy specific principal to be consistent with what happened to other servers.


                
> MRv2 WebApp Security
> --------------------
>
>                 Key: MAPREDUCE-2858
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-2858
>             Project: Hadoop Map/Reduce
>          Issue Type: Sub-task
>          Components: applicationmaster, mrv2, security
>    Affects Versions: 0.23.0, 0.24.0
>            Reporter: Luke Lu
>            Assignee: Robert Joseph Evans
>            Priority: Blocker
>             Fix For: 0.23.0
>
>         Attachments: MR-2858-branch-0.23.txt, MR-2858-branch-0.23.txt, MR-2858-branch-0.23.txt, MR-2858-branch-0.23.txt, MR-2858.txt, MR-2858.txt, MR-2858.txt, MR-2858.txt
>
>
> In MRv2, while the system servers (ResourceManager (RM), NodeManager (NM) and NameNode (NN)) run as "trusted"
> system users, the application masters (AM) run as users who submit the application. While this offers great flexibility
> to run multiple versions of mapreduce frameworks (including their UI) on the same Hadoop cluster, it has significant
> implications for the security of webapps (Please do not discuss company specific vulnerabilities here).
> Requirements:
> # Secure authentication for AM (for app/job level ACLs).
> # Webapp security should be optional via site configuration.
> # Support existing pluggable single sign on mechanisms.
> # Should not require per app/user configuration for deployment.
> # Should not require special site-wide DNS configuration for deployment.
> This is the top jira for webapp security. A design doc/notes of threat-modeling and countermeasures will be posted on the wiki.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
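
The cookie-based approval flow described in the update above, as an added example (not code from the MR-2858 patch or from Hadoop). The class, enum and method names are hypothetical, the application id is a constructed sample, and proceeding straight to the proxied page once approval is recorded is an assumption.

```java
import java.util.HashMap;
import java.util.Map;

public class ProxyApprovalDemo {
    // Outcome of one request, with the cookie value to send back (null = leave as is).
    enum Action {
        PROXY(null), APPROVE_THEN_PROXY("true"), SHOW_WARNING("false");
        final String setCookie;
        Action(String setCookie) { this.setCookie = setCookie; }
    }

    static String cookieName(String appId) { return "checked_" + appId; }

    static Action decide(String appId, Map<String, String> cookies, Map<String, String> query) {
        String state = cookies.get(cookieName(appId));
        if ("true".equals(state)) {
            return Action.PROXY;                 // user already approved this application
        }
        if (!"false".equals(state)) {
            // Cookie not set (assumption: an unrecognised value is treated the same way):
            // the warning has not been shown yet, so proxyapproved is ignored.
            return Action.SHOW_WARNING;
        }
        // Cookie is "false": the warning was displayed, so approval is now accepted.
        return "true".equals(query.get("proxyapproved"))
                ? Action.APPROVE_THEN_PROXY : Action.SHOW_WARNING;
    }

    // Applies one request to a simulated browser cookie jar and prints the outcome.
    static Action request(String appId, Map<String, String> jar, Map<String, String> query) {
        Action a = decide(appId, jar, query);
        if (a.setCookie != null) jar.put(cookieName(appId), a.setCookie);
        System.out.println(query + " -> " + a + ", cookie=" + jar.get(cookieName(appId)));
        return a;
    }

    public static void main(String[] args) {
        String appId = "application_0000000000000_0001";   // constructed sample id
        Map<String, String> jar = new HashMap<>();
        Map<String, String> approve = Map.of("proxyapproved", "true");
        request(appId, jar, approve);   // first visit through a link that already carries the parameter
        request(appId, jar, Map.of());  // reload without approving
        request(appId, jar, approve);   // approval sent after the warning was displayed
        request(appId, jar, Map.of());  // any later request
    }
}
```

The first call is the case the ordering protects against: a link that arrives with proxyapproved=true cannot skip the warning, because the parameter only takes effect once the "false" cookie shows the page was displayed.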
