[
https://issues.apache.org/jira/browse/HDFS-2246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13109157#comment-13109157
]
Todd Lipcon commented on HDFS-2246:
-----------------------------------
On the other hand, running two different systems under the same security
principal is also not a good idea. Good security practices are pretty
antithetical to the way this patch works (hence my arguing that the proper
solution with fd-passing should be finished instead of this hack)
Most package-based installs of HBase do indeed run as a separate system user,
and separate kerberos principals as well in secure HBase. I don't think doing
access control based on a static assumption that the principal is the same is
acceptable - perhaps an ACL is in order?
> Shortcut a local client reads to a Datanodes files directly
> -----------------------------------------------------------
>
> Key: HDFS-2246
> URL: https://issues.apache.org/jira/browse/HDFS-2246
> Project: Hadoop HDFS
> Issue Type: Improvement
> Reporter: Sanjay Radia
> Attachments: 0001-HDFS-347.-Local-reads.patch, HDFS-2246.20s.1.patch,
> HDFS-2246.20s.2.txt, HDFS-2246.20s.3.txt, HDFS-2246.20s.patch,
> localReadShortcut20-security.2patch
>
>
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
