Hi devs,

I just had this idea in mind a long time since I'm not sure it'll work
without security issue, but decide to share since upload topology via REST
API is still a great feature to have.

Assuming that no one uses Storm 0.10.0 beta, upload topology via REST API
is removed due to security reason.
If my understanding is right, main security issue is that client class
(which will configure the topology and submit) will be executed from the UI
server with same account.

What if we just submit pre-defined topology which just submits topology
with given topology jar?
It may be similar with cluster mode of driver of Spark but pre-defined
topology will be shutdown immediately after submitting actual topology.
Arbitrary codes can be run on worker node, but it would be running on one
of worker, which it can be protected with security features.
(I might be wrong since I might not have clear understanding of security
feature, especially submitting new topology from the worker.)
We don't need to mention about non-secured cluster, since it's just
non-secured. Even without this API, anyone can include arbitrary code in
Spout or Bolt and submit that topology.

Can this idea address security issue on upload topology REST API?

Thanks in advance,
Jungtaek Lim (HeartSaVioR)

Reply via email to