hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Junping Du (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-6890) If UI is not secured, we allow user to kill other users' job even yarn cluster is secured.
Date Thu, 31 Aug 2017 21:33:00 GMT

    [ https://issues.apache.org/jira/browse/YARN-6890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16149639#comment-16149639
] 

Junping Du commented on YARN-6890:
----------------------------------

Sounds like we forget to merge patch to branch-2.8.2. Just merge it.

> If UI is not secured, we allow user to kill other users' job even yarn cluster is secured.
> ------------------------------------------------------------------------------------------
>
>                 Key: YARN-6890
>                 URL: https://issues.apache.org/jira/browse/YARN-6890
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Sumana Sathish
>            Assignee: Junping Du
>            Priority: Critical
>             Fix For: 3.0.0-beta1, 2.8.2
>
>         Attachments: YARN-6890.patch, YARN-6890-v2.patch, YARN-6890-v3.patch
>
>
> Configuring SPNEGO for web browser could be a head ache, so many production cluster choose
to configure a unsecured UI access even for a secured cluster. In this setup, users (login
as some random guy) could watch other users job which is expected. However, the kill button
(added in YARN-3249 which enabled by default) shouldn't work in this situation.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message