[ https://issues.apache.org/jira/browse/MAPREDUCE-5890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14036684#comment-14036684 ]
Alejandro Abdelnur commented on MAPREDUCE-5890: ----------------------------------------------- Suresh, any special reason why the test is not included in the main patch? I’m not quite happy with the IF blocks scattered around: {code} if (CryptoUtils.isShuffleEncrypted(conf)) { byte[] iv = CryptoUtils.createIVFile(conf, fs, file); out = CryptoUtils.wrap(conf, iv, out); } {code} Given that current abstraction does not provide a clean cut to hide this within the {{IFile}} without a significant refactoring throughout the code, I think is the least evil. Nice job. Could you try running test-patch locally on the fs-encryption branch with this patch? > Support for encrypting Intermediate data and spills in local filesystem > ----------------------------------------------------------------------- > > Key: MAPREDUCE-5890 > URL: https://issues.apache.org/jira/browse/MAPREDUCE-5890 > Project: Hadoop Map/Reduce > Issue Type: New Feature > Components: security > Affects Versions: 2.4.0 > Reporter: Alejandro Abdelnur > Assignee: Arun Suresh > Labels: encryption > Attachments: MAPREDUCE-5890.2.patch, MAPREDUCE-5890.test.patch > > > For some sensitive data, encryption while in flight (network) is not > sufficient, it is required that while at rest it should be encrypted. > HADOOP-10150 & HDFS-6134 bring encryption at rest for data in filesystem > using Hadoop FileSystem API. MapReduce intermediate data and spills should > also be encrypted while at rest. -- This message was sent by Atlassian JIRA (v6.2#6252)