On 12/12/07 9:16 AM, "Ted Dunning" <[EMAIL PROTECTED]> wrote:
> 3. There is currently no security. Weak user level security will appear
> soon (but you will still be able to lie about who you are). Stronger
> security is in the works, but you should expect to protect a Hadoop cluster
> from the outside.
It is probably worth pointing out that the approach we took to
protecting the HDFS was to firewall off the fs.default.name machine/port and
50075 (datanode.something.or.other) while also having users use another port
that pointed to an apache instance that wrapped the dfs browser stuff. Hosts
that can connect to the HDFS is then strictly controlled, including limited
root access, etc.
[Yes, this is painful.]
