[jira] [Commented] (FLINK-3930) Implement Service-Level Authorization

Tue, 06 Sep 2016 14:14:37 -0700 

    [ 
https://issues.apache.org/jira/browse/FLINK-3930?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15468585#comment-15468585
 ] 

ASF GitHub Bot commented on FLINK-3930:
---------------------------------------

Github user vijikarthi commented on the issue:

    https://github.com/apache/flink/pull/2425
  
    >
    How is the secret transferred to the TaskManagers on YARN?
    
    Cookie is transferred to TM container through container environment 
variable and further gets populated to in-memory Flink configuration instance. 
The secure cookie is vulnerable (so as the Keytab file) to the users who has 
access to the container local resource storage area and that's the limitation 
we may have to deal with.
    
    >Is using the JobManagerMessages.getRequestBlobManagerSecureCookie() 
message always secure?
    
    I believe it is safe since Akka endpoints are secured using the shared 
token (cookie) and for someone to access the cookie using the 
"JobManagerMessages.getRequestBlobManagerSecureCookie()", they should have been 
authenticated first.
    
    >
    Maybe it also makes sense to start adding a page into the internals 
documentation section, explaining how the secure cookie is implemented.
    
    I am planning to add a separate page to internals documentation explaining 
how the shared secret stuff is implemented for various deployment options - 
Standalone, Yarn, Mesos (tbd)


> Implement Service-Level Authorization
> -------------------------------------
>
>                 Key: FLINK-3930
>                 URL: https://issues.apache.org/jira/browse/FLINK-3930
>             Project: Flink
>          Issue Type: New Feature
>          Components: Security
>            Reporter: Eron Wright 
>            Assignee: Vijay Srinivasaraghavan
>              Labels: security
>   Original Estimate: 672h
>  Remaining Estimate: 672h
>
> _This issue is part of a series of improvements detailed in the [Secure Data 
> Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing]
>  design doc._
> Service-level authorization is the initial authorization mechanism to ensure 
> clients (or servers) connecting to the Flink cluster are authorized to do so. 
>   The purpose is to prevent a cluster from being used by an unauthorized 
> user, whether to execute jobs, disrupt cluster functionality, or gain access 
> to secrets stored within the cluster.
> Implement service-level authorization as described in the design doc.
> - Introduce a shared secret cookie
> - Enable Akka security cookie
> - Implement data transfer authentication
> - Secure the web dashboard



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to