[
https://issues.apache.org/jira/browse/HDDS-3617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17114262#comment-17114262
]
Xiaoyu Yao commented on HDDS-3617:
----------------------------------
Thanks [~maobaolong] for open the issue. Please check the service level
authorization added by HDDS-1038.
SCM service is intended to open for internal service like OM/DN only. With
proper acl setting in hadoop-policy.xml, you should be able to ensure only
authorized service user/admin have access to these services.
> SCM security
> ------------
>
> Key: HDDS-3617
> URL: https://issues.apache.org/jira/browse/HDDS-3617
> Project: Hadoop Distributed Data Store
> Issue Type: New Feature
> Components: SCM
> Affects Versions: 0.6.0
> Reporter: maobaolong
> Priority: Major
>
> Now the absence of security of SCM is a risk. SCM don't know who request a
> powerful operation, and do it anyway, especially some admin operation, such
> as close pipeline, create pipeline, safemode exit and so on.
> I think we should do some works on it.
> - Authentication. Verify the user information
> - Authorization. Check the permission of the user have the right to access.
> - Whitelist and Blacklist to simple way to check permission.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: ozone-issues-h...@hadoop.apache.org
