[
https://issues.apache.org/jira/browse/HADOOP-8101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13242542#comment-13242542
]
Aaron T. Myers commented on HADOOP-8101:
----------------------------------------
bq. Currently there is a pluggable module for obtaining a mapping via LDap and
via shell commands. We need a group mapping for windows.
FWIW, I'm fairly confident that the LDAP group mapping was specifically tested
with Active Directory when it was being implemented.
bq. Problem 2: HDFS and MR Impl Protecting its local OS resources from Tasks
Perhaps you were alluding to this, but to be explicit, I think the biggest
hurdle with getting secure Hadoop running on Windows will not be local file
system permissions, but to get the sandboxing enabled by the LTC and LCE to
function as expected. Those components rely heavily on Unix concepts such as
seteuid/setegid, supplementary group list, group execution permissions for
binaries, signals, etc.
> Security changes for Hadoop for Windows
> ---------------------------------------
>
> Key: HADOOP-8101
> URL: https://issues.apache.org/jira/browse/HADOOP-8101
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: native
> Reporter: Sanjay Radia
> Attachments: security.patch, security1.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
