Robert Levas created AMBARI-13695:
-------------------------------------
Summary: Minimize HDFS and other headless keytab distribution
(security concerns)
Key: AMBARI-13695
URL: https://issues.apache.org/jira/browse/AMBARI-13695
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.0.0
Reporter: Robert Levas
Assignee: Robert Levas
Priority: Critical
Fix For: 2.1.3

Currently, we distribute the *hdfs* headless principal to pretty much every
single host in the cluster.

Since *hdfs* is a super user in HDFS, if any one of the hdfs keytabs is
compromised on any host, the user can do anything on HDFS.

We need to revisit and see if we can restrict the number of hosts to which we
distribute the hdfs headless keytab.

For example, we can perform necessary HDFS operations on one of the master
hosts available, rather than picking an arbitrary client / slave host as we do
today.

Also, we should look into not only hdfs headless keytabs but all other headless
ones like hbase, storm, etc.