Eric Yang created HADOOP-15162:
----------------------------------
Summary: UserGroupInformation.createRmoteUser hardcode
authentication method to SIMPLE
Key: HADOOP-15162
URL: https://issues.apache.org/jira/browse/HADOOP-15162
Project: Hadoop Common
Issue Type: Bug
Components: security
Reporter: Eric Yang
{{UserGroupInformation.createRemoteUser(String user)}} is hard coded
Authentication method to SIMPLE by HADOOP-10683. This by passed proxyuser ACL
check, isSecurityEnabled check, and allow caller to impersonate as anyone.
This method could be abused in the main code base, which can cause part of
Hadoop to become insecure without proxyuser check for both SIMPLE or Kerberos
enabled environment.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
