Github user revans2 commented on the pull request:
https://github.com/apache/storm/pull/692#issuecomment-145260515
@priyank5485 and others I am not totally sure that this is a good idea. If
HDFS is running secure and Storm is running insecure, with this feature enabled
you have now disabled security in HDFS, so anyone who can submit a topology
(a.k.a everyone) can pretend to be any user in HDFS. To me I would much rather
see the feature that allows this to work with an arbitrary UGI. Or better have
a keytab installed on the worker nodes then you just need a config to point to
that keytab and the principal you want to use out of it.
I am -0 on this change. I am not going to block it, but I would prefer to
see it done a different way.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
