[
https://issues.apache.org/jira/browse/HDFS-8613?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14590065#comment-14590065
]
Allen Wittenauer commented on HDFS-8613:
----------------------------------------
This should get added as generic feature to common's ACL system first. Then
all daemons could benefit rather than having yet another thing that is specific
to HDFS.
> Add option to list up allowed hosts that can do any operation to NameNode.
> --------------------------------------------------------------------------
>
> Key: HDFS-8613
> URL: https://issues.apache.org/jira/browse/HDFS-8613
> Project: Hadoop HDFS
> Issue Type: Improvement
> Affects Versions: 2.7.0
> Reporter: Kai Sasaki
> Assignee: Kai Sasaki
> Priority: Minor
>
> Current NameNode receives all operations through client protocol from any
> hosts.
> However, some critical operations such as {{format}} should be restricted
> with not only Kerberos authentication but also with host names in order to
> prevent us from formatting NameNode by mistake. It is better to add option to
> write some allowed hosts which can do any operations to NameNode.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
