Todd Lipcon has posted comments on this change.

Change subject: [security] tighter TSK and authn token validity settings
......................................................................

Patch Set 2:

(2 comments)

http://gerrit.cloudera.org:8080/#/c/6071/2//COMMIT_MSG
Commit Message:

PS2, Line 9: Use more restrictive settings for default TSK validity and rotation
           : intervals: 48 and 12 hours correspondingly.
I think we should go with 1 week validity on TSKs, to match what some other Hadoop ecosystem components do (e.g. HBase). Note that this will restrict the maximum lifetime of a Spark job, so having a short one has some negative impact.

I guess really we need to have the TSK lifetime be 1 week _plus_ the rotation interval, right? So that a new token issued right before a rotation will expire before its issuing TSK.

http://gerrit.cloudera.org:8080/#/c/6071/2/src/kudu/master/master.cc
File src/kudu/master/master.cc:

PS2, Line 67: DEFINE_int64(authn_token_validity_seconds, 0,
            : "Period of time for which an issued authentication token is valid."
            : "Specifying 0 means set maximum possible token validity time "
            : "without risking that the signing/verification key could expire "
            : "before the token itself.");
            : /
I think I'd prefer that this be the user-configurable thing, since it's the one that most directly impacts user job lifetimes, etc. Then we can make the tsk_validity_seconds be computed by default as the token validity plus the rotation period.

--
To view, visit http://gerrit.cloudera.org:8080/6071
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I95bc64897ed16becda4ab8de6817695fdb48e9eb
Gerrit-PatchSet: 2
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Dan Burkert <[email protected]>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <[email protected]>
Gerrit-HasComments: Yes
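The lifetime relationship raised in the review comments above (TSK validity = token validity + rotation interval), worked through as an added example; this is not code from the Kudu patch or from the reviewer. It assumes a simplified model in which a key signs only during its own rotation window, and the struct and function names are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>

constexpr int64_t kHour = 3600;
constexpr int64_t kWeek = 7 * 24 * kHour;

// Simplified model (assumption, not Kudu's implementation): a TSK created at
// time c signs tokens during [c, c + rotation_s) and verifies tokens until
// c + tsk_validity_s. A token issued at time t expires at t + token validity.
struct TskPolicy {
  int64_t tsk_validity_s;
  int64_t rotation_s;
};

// TSK validity needed so that no token outlives the key that signed it.
int64_t RequiredTskValidity(int64_t token_validity_s, int64_t rotation_s) {
  return token_validity_s + rotation_s;
}

// Longest token validity that a given TSK policy can safely back.
int64_t MaxSafeTokenValidity(const TskPolicy& p) {
  return p.tsk_validity_s - p.rotation_s;
}

// Brute-force check of one signing window (all windows are identical up to a
// time shift): issue a token at every second and return the longest time any
// token stays unexpired after its signing key has expired. 0 means safe.
int64_t WorstOrphanSeconds(const TskPolicy& p, int64_t token_validity_s) {
  const int64_t key_expiry = p.tsk_validity_s;  // key created at t = 0
  int64_t worst = 0;
  for (int64_t t = 0; t < p.rotation_s; ++t) {
    const int64_t gap = (t + token_validity_s) - key_expiry;
    if (gap > worst) worst = gap;
  }
  return worst;
}

int main() {
  const TskPolicy ps2{48 * kHour, 12 * kHour};  // defaults named in the commit message
  const TskPolicy proposed{RequiredTskValidity(kWeek, 12 * kHour), 12 * kHour};
  std::printf("48h/12h backs tokens up to %lld h\n",
              static_cast<long long>(MaxSafeTokenValidity(ps2) / kHour));
  std::printf("1-week tokens on 48h/12h: orphaned up to %lld s\n",
              static_cast<long long>(WorstOrphanSeconds(ps2, kWeek)));
  std::printf("1-week tokens on 1 week + rotation: orphaned %lld s\n",
              static_cast<long long>(WorstOrphanSeconds(proposed, kWeek)));
  return 0;
}
```

A TSK validity of exactly 1 week with a 12 hour rotation still leaves tokens issued late in the window unverifiable for up to one rotation interval minus a second, which is the gap the "plus the rotation interval" term closes.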
