[ https://issues.apache.org/jira/browse/MAPREDUCE-3761?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13217348#comment-13217348 ]

Robert Joseph Evans commented on MAPREDUCE-3761:
------------------------------------------------

I am a bit confused by why we want to expose this to the end user.  I can see 
that it is very useful to QE trying to test, or a developer trying to debug an 
issue, but this can potentially bypass the web application proxy, which is a 
security issue.  If an end user sees this output they are going to copy and 
paste this into the browser and go to that link.  If the AM is well behaved it 
will redirect the user back through the proxy, but if the AM is malicious, it 
will do exactly what the proxy is intended to help mitigate.  I don't think 
that this is critical, there are enough holes in the proxy when it is working 
properly anyways, but this patch is potentially reducing the security of the 
system.
                
> AM info in job -list does not reflect the actual AM hostname
> ------------------------------------------------------------
>
>                 Key: MAPREDUCE-3761
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-3761
>             Project: Hadoop Map/Reduce
>          Issue Type: Improvement
>          Components: mrv2
>    Affects Versions: 0.23.1
>            Reporter: Ramya Sunil
>            Assignee: Vinod Kumar Vavilapalli
>             Fix For: 0.23.1
>
>         Attachments: MAPREDUCE-3761-20120202.txt, 
> MAPREDUCE-3761-20120214.1.txt
>
>
> The AM info field on "bin/mapred job -list" currently has a value 
> <resourcemanager hostname>:8088/proxy/appID. This info is irrelevant unless 
> it shows the real information of where the AM was launched. This needs to be 
> fixed to show the AM host details.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        
