-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/30723/
-----------------------------------------------------------
Review request for Ambari, Dmitro Lisnichenko and Robert Levas.
Bugs: AMBARI-9512
https://issues.apache.org/jira/browse/AMBARI-9512
Repository: ambari
Description
-------
I seems like we can see the contents of keytabs generated via Ambari from the
/api/v1/clusters/
{clustername}
/requests endpoint, which is also shown in the UI on the keytab tasks.
This is a potential security risk, as anyone who has an Ambari account can
access them (including non-Admin, read-only users).
Diffs
-----
ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_common.py
b000c04
ambari-server/src/test/python/stacks/2.2/KERBEROS/test_kerberos_client.py
3bda3f9
ambari-server/src/test/python/stacks/utils/RMFTestCase.py 85e229a
Diff: https://reviews.apache.org/r/30723/diff/
Testing
-------
mvn clean test
Thanks,
Vitalyi Brodetskyi
