[
https://issues.apache.org/jira/browse/HDFS-5055?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13732213#comment-13732213
]
Aaron T. Myers commented on HDFS-5055:
--------------------------------------
bq. What is preventing HDFS-3404 from being used an attack vector?
Well, for one thing super user privilege is required on connect in order for
the NN to do anything in GetImageServlet#doGet:
{code}
if (UserGroupInformation.isSecurityEnabled() &&
!isValidRequestor(context, request.getUserPrincipal().getName(), conf)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN,
"Only Namenode, Secondary Namenode, and administrators may access " +
"this servlet");
LOG.warn("Received non-NN/SNN/administrator request for image or edits from "
+ request.getUserPrincipal().getName() + " at " +
request.getRemoteHost());
return;
}
{code}
If we're assuming that some attacker has HDFS super user privilege, the jig is
already up.
> nn->2nn ignores dfs.namenode.secondary.http-address
> ---------------------------------------------------
>
> Key: HDFS-5055
> URL: https://issues.apache.org/jira/browse/HDFS-5055
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: namenode
> Affects Versions: 2.1.0-beta
> Reporter: Allen Wittenauer
> Priority: Blocker
> Labels: regression
>
> The primary namenode attempts to connect back to (incoming hostname):port
> regardless of how dfs.namenode.secondary.http-address is configured.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
