Hi Luke,
Can I set "dfs.block.access.token.lifetime" to two minutes?
2013/11/18 lei liu
> Thanks Luke for your reply.
>
> The life time of block access token is ten hours, whether we should
> change two minutes? I think the shorter the life time of the token, token less
> likely to be stol
Thanks Luke for your reply.
The life time of block access token is ten hours, whether we should change two
minutes? I think the shorter the life time of the token, token less likely to
be stolen.
2013/11/14 Luke Lu
> Block access token is only valid for a short period of time, as the NN/DN
>
Block access token is only valid for a short period of time, as the NN/DN
shared secrets are rolled periodically. As long as you cannot steal block
token easily (besides using zero-day bugs), there is really no security
hole here (by design). If you know of a way to steal block tokens without
root
