[ 
https://issues.apache.org/jira/browse/HDFS-13081?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16461812#comment-16461812
 ] 

Anu Engineer commented on HDFS-13081:
-------------------------------------

There are a lot of existing HDFS clusters where wildcard certs are used. :(
For example, some vendors document the use of Wild Card Certs. I am concerned 
that this patch does not consider that scenario, which is quite popular in the 
wild and opens up lots of existing clusters to new security threats.


> Datanode#checkSecureConfig should allow SASL and privileged HTTP
> ----------------------------------------------------------------
>
>                 Key: HDFS-13081
>                 URL: https://issues.apache.org/jira/browse/HDFS-13081
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: datanode, security
>    Affects Versions: 3.0.0
>            Reporter: Xiaoyu Yao
>            Assignee: Ajay Kumar
>            Priority: Major
>             Fix For: 3.1.0, 3.0.3
>
>         Attachments: HDFS-13081.000.patch, HDFS-13081.001.patch, 
> HDFS-13081.002.patch, HDFS-13081.003.patch, HDFS-13081.004.patch, 
> HDFS-13081.005.patch, HDFS-13081.006.patch
>
>
> Datanode#checkSecureConfig currently checks the following to determine if 
> secure datanode is enabled. 
>  # The server has bound to privileged ports for RPC and HTTP via 
> SecureDataNodeStarter.
>  # The configuration enables SASL on DataTransferProtocol and HTTPS (no plain 
> HTTP) for the HTTP server. 
> Authentication of Datanode RPC server can be done either via SASL handshake 
> or JSVC/privilege RPC port. 
> This guarantees authentication of the datanode RPC server before a client 
> transmits a secret, such as a block access token. 
> Authentication of the HTTP server can also be done either via HTTPS/SSL or 
> JSVC/privilege HTTP port. This guarantees authentication of datanode HTTP 
> server before a client transmits a secret, such as a delegation token.
> This ticket is open to allow privileged HTTP as an alternative to HTTPS to 
> work with SASL based RPC protection.
>  
> cc: [~cnauroth] , [~daryn], [~jnpandey] for additional feedback.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
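
The rule in the quoted issue description, written out as a small hdfs-site.xml audit. This is an added example, not code from the Hadoop patch: the function names and the sample configs are constructed, "port below 1024" stands in for "bound via SecureDataNodeStarter/JSVC", and the default values are assumed Hadoop 3 defaults.

```python
import xml.etree.ElementTree as ET

# Assumed Hadoop 3 defaults, used when a key is absent from the file.
DEFAULTS = {
    "dfs.data.transfer.protection": "",
    "dfs.http.policy": "HTTP_ONLY",
    "dfs.datanode.address": "0.0.0.0:9866",
    "dfs.datanode.http.address": "0.0.0.0:9864",
}

def site_xml(props):
    """Build a constructed hdfs-site.xml document from a dict (demo input only)."""
    body = "".join(
        f"<property><name>{k}</name><value>{v}</value></property>"
        for k, v in props.items())
    return f"<configuration>{body}</configuration>"

def is_privileged(addr):
    """True if the host:port address uses a port only root can bind (< 1024)."""
    return int(addr.rsplit(":", 1)[1]) < 1024

def evaluate(xml_text):
    """Report how each DataNode channel is authenticated and whether the
    combination passes the check as described before and after the ticket."""
    props = dict(DEFAULTS)
    for p in ET.fromstring(xml_text).iter("property"):
        props[p.findtext("name").strip()] = (p.findtext("value") or "").strip()
    sasl = props["dfs.data.transfer.protection"] != ""
    https = props["dfs.http.policy"] == "HTTPS_ONLY"
    rpc_priv = is_privileged(props["dfs.datanode.address"])
    http_priv = is_privileged(props["dfs.datanode.http.address"])
    return {
        # Each channel needs one of its two authentication mechanisms.
        "rpc_authenticated": sasl or rpc_priv,
        "http_authenticated": https or http_priv,
        # Before: only the two all-or-nothing combinations listed in the issue.
        "accepted_before": (rpc_priv and http_priv) or (sasl and https),
        # After: SASL for RPC may be paired with a privileged HTTP port.
        "accepted_after": (sasl or rpc_priv) and (https or http_priv),
    }

if __name__ == "__main__":
    # Constructed case from the ticket: SASL on RPC, plain HTTP on a privileged port.
    cfg = site_xml({"dfs.data.transfer.protection": "privacy",
                    "dfs.datanode.http.address": "0.0.0.0:1006"})
    print(evaluate(cfg))
```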
