hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wangda Tan (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (YARN-4734) Merge branch:YARN-3368 to trunk
Date Mon, 24 Oct 2016 20:28:58 GMT

    [ https://issues.apache.org/jira/browse/YARN-4734?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15603108#comment-15603108
] 

Wangda Tan edited comment on YARN-4734 at 10/24/16 8:28 PM:
------------------------------------------------------------

Thanks [~aw],

bq. A question. Given the ... circumstances... lately of patches going into YARN, what's the
security status of this branch?

Offline double confirmed with [~sunilg] / [~hsreenath] about your question and following answers:

a. Existing security status:
Current the new UI on the same HttpServer2 instance which hosts REST service / old UI, so
we should be able to get security support from existing logics. However, before we can do
sufficient tests for security support, I would prefer to suggest user do not expect security
support for the UI for now.

b. Any possible vulnerabilities?
- This feature can be completely disabled, new added code are all packaged inside a war file.
When this feature disabled, we are not even placing the WAR file in class path where jersey
server will extract it.
- As you know ours new UI is not a conventional web application, its an SPA (Single Page application).
In conventional apps there were server side code that had to consider security.
Our app just uses REST APIs to get data from the server. In other words, every hack that an
user could possible do with the UI, he would be able to do it using other tools like Postman.
The user can also inject code from the console and tweek the UI functionality.
What is basically implies is that its not worth to worry about security at the UI side :)
Instead we just need to ensure that the REST end points are secure.

bq. Has anyone done an audit? (Web security is outside my area of expertise, so I'd prefer
another set of eyes on this one.)

Many folks have looked at new added code and we believe it is safe. It is more than welcome
that if you or any other folks want to do this check, just let us know if you have any questions/concerns.


was (Author: leftnoteasy):
Thanks [~aw],

bq. A question. Given the ... circumstances... lately of patches going into YARN, what's the
security status of this branch?

Offline double confirmed with [~sunilg] / [~hsreenath] about your question and following answers:

a. Existing security status:
Current the new UI on the same HttpServer2 instance which hosts REST service / old UI, so
we should be able to get security support from existing logics. However, before we can do
sufficient tests for security support, I would prefer to suggest user do not expect security
support for the UI for now.

b. Any possible vulnerabilities?

1)
This feature can be completely disabled, new added code are all packaged inside a war file.
When this feature disabled, we are not even placing the WAR file in class path where jersey
server will extract it.

2)
As you know ours new UI is not a conventional web application, its an SPA (Single Page application).
In conventional apps there were server side code that had to consider security.
Our app just uses REST APIs to get data from the server. In other words, every hack that an
user could possible do with the UI, he would be able to do it using other tools like Postman.
The user can also inject code from the console and tweek the UI functionality.

What is basically implies is that its not worth to worry about security at the UI side :)
Instead we just need to ensure that the REST end points are secure.

bq. Has anyone done an audit? (Web security is outside my area of expertise, so I'd prefer
another set of eyes on this one.)

Many folks have looked at new added code and we believe it is safe. It is more than welcome
that if you or any other folks want to do this check, just let us know if you have any questions/concerns.

> Merge branch:YARN-3368 to trunk
> -------------------------------
>
>                 Key: YARN-4734
>                 URL: https://issues.apache.org/jira/browse/YARN-4734
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Wangda Tan
>            Assignee: Wangda Tan
>         Attachments: YARN-4734.1.patch, YARN-4734.10-NOT_READY.patch, YARN-4734.11-NOT_READY.patch,
YARN-4734.12-NOT_READY.patch, YARN-4734.13.patch, YARN-4734.14.patch, YARN-4734.15.patch,
YARN-4734.2.patch, YARN-4734.3.patch, YARN-4734.4.patch, YARN-4734.5.patch, YARN-4734.6.patch,
YARN-4734.7.patch, YARN-4734.8.patch, YARN-4734.9-NOT_READY.patch
>
>
> YARN-2928 branch is planned to merge back to trunk shortly, it depends on changes of
YARN-3368. This JIRA is to track the merging task.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message