[
https://issues.apache.org/jira/browse/HADOOP-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13916634#comment-13916634
]
Chris Li commented on HADOOP-10221:
-----------------------------------
Hi [~benoyantony]
I'm trying to understand the issues raised. A couple questions:
1. Is there anything to gain for a user with malicious intent to modify the
global static SaslRpcServer.SASL_PROPS?
2. Is it worth being paranoid and copying the map before passing it to an
implementer of SaslPropertiesResolver, since any non-malicious user will do it
anyways?
> Add a plugin to specify SaslProperties for RPC protocol based on connection
> properties
> --------------------------------------------------------------------------------------
>
> Key: HADOOP-10221
> URL: https://issues.apache.org/jira/browse/HADOOP-10221
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.2.0
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Attachments: HADOOP-10221.patch, HADOOP-10221.patch,
> HADOOP-10221.patch
>
>
> Add a plugin to specify SaslProperties for RPC protocol based on connection
> properties.
> HADOOP-10211 enables client and server to specify and support multiple QOP.
> Some connections needs to be restricted to a specific set of QOP based on
> connection properties.
> Eg. connections from client from a specific subnet needs to be encrypted
> (QOP=privacy)
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
