New revision...
I have incorporated additions from Mike and added a [DEFAULT] tag to those
items that should be considered for Secure by Default settings.
I am hoping that we can close down on the actual lists shortly and move to
discussing the meta points on how/when to require the completion of
Thanks for the examples, Mike.
I think some of those should actually just be added to the checklist in
other places as they are best practices.
Which raises an interesting point that some of those items can be enabled
by default and maybe indicating so throughout the list makes sense.
Then we can
Terrific additions, Mike!
I will spin a new revision and incorporate your additions.
#8 is a great topic - given that Hadoop is insecure by default.
Actual movement to Secure by Default would be a challenge both technically
(given the need for kerberos) and discussion-wise.
Asking whether you have
Looks good and +1 for markdown documentations to provide per release
specific information.
On Sat, Oct 21, 2017 at 8:47 AM, larry mccay wrote:
> New Revision...
>
> This revision acknowledges the reality that we often have multiple phases
> of feature lifecycle and that we need to account for ea
New Revision...
This revision acknowledges the reality that we often have multiple phases
of feature lifecycle and that we need to account for each phase.
It has also been made more generic.
I have created a Tech Preview Security Audit list and a GA Readiness
Security Audit list.
I've also include
Hi Marton -
I don't think there is any denying that it would be great to have such
documentation for all of those reasons.
If it is a natural extension of getting the checklist information as an
assertion of security state when merging then we can certainly include it.
I think that backfilling al
On 10/21/2017 02:41 AM, larry mccay wrote:
"We might want to start a security section for Hadoop wiki for each of the
services and components.
This helps to track what has been completed."
Do you mean to keep the audit checklist for each service and component
there?
Interesting idea, I wond
Hi Eric -
Thanks for the additional item suggestions!
"We might want to start a security section for Hadoop wiki for each of the
services and components.
This helps to track what has been completed."
Do you mean to keep the audit checklist for each service and component
there?
Interesting idea,
The check list looks good. Some more items to add:
Kerberos
TGT renewal
SPNEGO support
Delegation token
Proxy User ACL
CVE tracking list
We might want to start a security section for Hadoop wiki for each of the
services and components.
This helps to track what has been completed.
How do
Adding security@hadoop list as well...
On Fri, Oct 20, 2017 at 2:29 PM, larry mccay wrote:
> All -
>
> Given the maturity of Hadoop at this point, I would like to propose that
> we start doing explicit security audits of features at merge time.
>
> There are a few reasons that I think this is a
All -
Given the maturity of Hadoop at this point, I would like to propose that we
start doing explicit security audits of features at merge time.
There are a few reasons that I think this is a good place/time to do the
review:
1. It represents a specific snapshot of where the feature stands as a
11 matches
Mail list logo