[jira] [Commented] (HDFS-11069) Tighten the authorization of datanode RPC

Kihwal Lee (JIRA) Thu, 27 Oct 2016 08:54:28 -0700

    [ 
https://issues.apache.org/jira/browse/HDFS-11069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15612304#comment-15612304
 ]


Kihwal Lee commented on HDFS-11069:
-----------------------------------

{code}
private void checkSuperuserPrivilege() {
...
    if (callerUgi.getShortUserName().equals(dnUserName)) {
      return;
    }
...
{code}

Instead of checking only the short name, the full name should be checked. E.g. 
{{dn_user/datanode01.yourdomain....@yourdomain.com}} instead of simply 
{{dn_user}}.

> Tighten the authorization of datanode RPC
> -----------------------------------------
>
>                 Key: HDFS-11069
>                 URL: https://issues.apache.org/jira/browse/HDFS-11069
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: datanode, security
>            Reporter: Kihwal Lee
>            Assignee: Kihwal Lee
>
> The current implementation of {{checkSuperuserPrivilege()}} allows the 
> datanode user from any node to be recognized as a super user.  If one 
> datanode is compromised, the intruder can issue {{shutdownDatanode()}}, 
> {{evictWriters()}}, {{triggerBlockReport()}}, etc. against all other 
> datanodes.
> This needs to be tightened to allow only the local datanode user.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

[jira] [Commented] (HDFS-11069) Tighten the authorization of datanode RPC

Reply via email to