On Thu, Jul 23, 2009 at 06:49, Palleti, Pallavi<[email protected]> wrote: > Hi all, > > > > We figured out that anyone who have configured their local hadoop with > remote cluster hadoop details and having user name as hadoop can get > administrative rights of the cluster. For example, if I create an user > as hadoop locally in my machine and have conf directory details from the > cluster running remotely, I can run "hadoop fs -rmr /data/" which can > remove all the data available in the remote cluster at /data. I found > this as a serious security vulnerable as anyone can do anything on the > cluster as long as they know the configuration details (hadoop-site.xml > etc). Could someone explain me if there is a way to avoid these kind > of scenarios? Otherwise, what should be the best practice?
You can simply set up some bastion hosts which are trusted and from which jobs can be run. Then let users connect to these hosts using a secure mechanism such as SSH keys. You can then create users/groups on those bastion hosts and have permissions on your HDFS files that use those credentials. Mathias.
