[
https://issues.apache.org/jira/browse/HDFS-6406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14000301#comment-14000301
]
Brandon Li commented on HDFS-6406:
----------------------------------
Port monitoring is relic, but still, it's an additional source of NFS security.
:-)
This is a nice feature to have.
{quote} in a world of Linux and Linux VMs, there can be a lot of unix root
admins in a cluster{quote}
Yes, this can be a problem. In this case, users can configure the export table
("dfs.nfs.exports.allowed.hosts") to limit the access in an environment where
IP can be trusted.
> Add capability for NFS gateway to reject connections from unprivileged ports
> ----------------------------------------------------------------------------
>
> Key: HDFS-6406
> URL: https://issues.apache.org/jira/browse/HDFS-6406
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: nfs
> Affects Versions: 2.4.0
> Reporter: Aaron T. Myers
> Assignee: Aaron T. Myers
> Attachments: HDFS-6406.patch, HDFS-6406.patch
>
>
> Many NFS servers have the ability to only accept client connections
> originating from privileged ports. It would be nice if the HDFS NFS gateway
> had the same feature.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
