Adding user and service-to-service authentication to Hadoop
-----------------------------------------------------------
Key: HADOOP-4343
URL: https://issues.apache.org/jira/browse/HADOOP-4343
Project: Hadoop Core
Issue Type: New Feature
Reporter: Kan Zhang
Assignee: Kan Zhang
Fix For: 0.20.0
Currently, Hadoop services do not authenticate users or other services. As a
result, Hadoop is subject to the following security risks.
1. A user can access an HDFS or M/R cluster as any other user. This makes it
impossible to enforce access control in an uncooperative environment. For
example, file permission checking on HDFS can be easily circumvented.
2. An attacker can masquerade as Hadoop services. For example, user code
running on a M/R cluster can register itself as a new TaskTracker.
This JIRA is intended to be a tracking JIRA, where we discuss requirements,
agree on a general approach and identify subtasks. Detailed design and
implementation are the subject of those subtasks.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
