hadoop-yarn-issues mailing list archives

From "Vinod Kumar Vavilapalli (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-617) In unsecure mode, AM can fake resource requirements
Date Tue, 30 Apr 2013 19:52:16 GMT

    [ https://issues.apache.org/jira/browse/YARN-617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13645896#comment-13645896 ]

Vinod Kumar Vavilapalli commented on YARN-617:
----------------------------------------------

> If a token is available, the RPC client will attempt SASL DIGEST-MD5 regardless of the
> client's security conf. Isn't this sufficient to allow container tokens to always be used
> for authentication?

Agreed, I should have been clearer. At YARN-613, we are trying to change the auth to
use AMTokens and authorization will continue to be via ContainerTokens. In that sense, yes,
we don't need this separation, but YARN-613 will do that anyways, so we may as well do it
here.

> An RPC server also enables SASL DIGEST-MD5 if a secret manager is active.

Off topic, but this is what I guessed is the reason underlying YARN-626. Do you know when
this got merged into branch-2?

> In unsecure mode, AM can fake resource requirements
> -----------------------------------------------------
>
>                 Key: YARN-617
>                 URL: https://issues.apache.org/jira/browse/YARN-617
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Vinod Kumar Vavilapalli
>            Assignee: Vinod Kumar Vavilapalli
>            Priority: Minor
>
> Without security, it is impossible to completely avoid AMs faking resources. We can at
> the least make it as difficult as possible by using the same container tokens and the RM-NM
> shared key mechanism over unauthenticated RM-NM channel.
> In the minimum, this will avoid accidental bugs in AMs in unsecure mode.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
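
The mechanism in the issue description, sketched as an added example (not code from this message or from Hadoop): the RM binds the granted resources to a MAC under the RM-NM shared key, and the NM uses only the values from a token that verifies. The token layout, field names, HMAC-SHA256 and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import time


def token_mac(shared_key, identifier):
    """MAC over a canonical encoding of the identifier (assumed layout)."""
    canonical = json.dumps(identifier, sort_keys=True, separators=(",", ":"))
    return hmac.new(shared_key, canonical.encode(), hashlib.sha256).hexdigest()


def issue_container_token(shared_key, container_id, node_id,
                          memory_mb, vcores, ttl_s=600, now=None):
    """RM side: bind the allocation to a MAC under the RM-NM shared key."""
    issued_at = time.time() if now is None else now
    identifier = {
        "container_id": container_id,
        "node_id": node_id,
        "memory_mb": memory_mb,
        "vcores": vcores,
        "expiry": int(issued_at + ttl_s),
    }
    return {"identifier": identifier, "mac": token_mac(shared_key, identifier)}


def verify_start_request(shared_key, node_id, token, now=None):
    """NM side: return the granted resources, or raise if the token fails."""
    identifier = token["identifier"]
    expected = token_mac(shared_key, identifier)
    # Constant-time comparison; any edit to the identifier changes the MAC.
    if not hmac.compare_digest(expected, str(token.get("mac", ""))):
        raise PermissionError("container token MAC mismatch")
    if identifier["node_id"] != node_id:
        raise PermissionError("token was issued for a different node")
    if identifier["expiry"] < (time.time() if now is None else now):
        raise PermissionError("container token expired")
    # Resources come from the verified token, never from the AM's request.
    return {"memory_mb": identifier["memory_mb"], "vcores": identifier["vcores"]}


if __name__ == "__main__":
    key = b"constructed-rm-nm-shared-key"  # constructed sample value
    tok = issue_container_token(key, "container_01", "nm1:45454", 1024, 1)
    print(verify_start_request(key, "nm1:45454", tok))
    tok["identifier"]["memory_mb"] = 8192  # AM inflates its allocation
    try:
        verify_start_request(key, "nm1:45454", tok)
    except PermissionError as err:
        print("rejected:", err)
```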
