[
https://issues.apache.org/jira/browse/HDFS-11053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15606527#comment-15606527
]
Kihwal Lee commented on HDFS-11053:
-----------------------------------
The check was added in the process of fixing HDFS-2264.
> Unnecessary superuser check in versionRequest()
> -----------------------------------------------
>
> Key: HDFS-11053
> URL: https://issues.apache.org/jira/browse/HDFS-11053
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: namenode, security
> Reporter: Kihwal Lee
> Assignee: Kihwal Lee
> Attachments: HDFS-11053.patch
>
>
> The {{versionRequest()}} call does not return any sensitive information. It
> is mainly used for sanity checks. The presence of
> {{checkSuperuserPrivilege()}} forces users to run datanode as a hdfs
> superuser.
> In secure setup, a keytab obtained from a compromised datanode can allow the
> intruder to gain hdfs superuser privilege. We should allow datanodes to be
> run as non-hdfs-superuser by removing {{checkSuperuserPrivilege()}} from
> {{versionRequest()}}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
