[
https://issues.apache.org/jira/browse/HDFS-1326?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12894625#action_12894625
]
Jakob Homan commented on HDFS-1326:
-----------------------------------
This is for those for whom the jsvc solution doesn't work, as they have access
to other methods of securing and verifying that the process running on the
datanodes' non-RPC ports really is the datanode. Some options that were
brought up on 1150 including Solaris' capabilities to grant user access to
privileged ports, or SELinux's ability to restrict who can bind to high ports.
I opened this so we can make sure whatever we come up with will work reasonably
for as many users as possible. Also, it would be good to maybe get HADOOP-6822
and HADOOP-6823 in some form so that Ops can see what method is running on
their cluster.
> Provide pluggable mechanism for securing datanodes
> --------------------------------------------------
>
> Key: HDFS-1326
> URL: https://issues.apache.org/jira/browse/HDFS-1326
> Project: Hadoop HDFS
> Issue Type: New Feature
> Components: security
> Reporter: Jakob Homan
> Assignee: Jakob Homan
>
> As discussed in HDFS-1150, it would be good to allow datanodes to use other
> methods than jsvc to secure their ports.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
