[
https://issues.apache.org/jira/browse/YARN-617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13645896#comment-13645896
]
Vinod Kumar Vavilapalli commented on YARN-617:
----------------------------------------------
bq. If a token is available, the RPC client will attempt SASL DIGEST-MD5
regardless of the client's security conf. Isn't this sufficient to allow
container tokens to always be used for authentication?
Agreed, I should have been more clearer. At YARN-613, we are trying to change
the auth to use AMTokens and authorization will continue to be via
ContainerTokens. In that sense, yes, we don't need this separation, but
YARN-613 will do that anyways, so we may as well do it here.
bq. A RPC server also enables SASL DIGEST-MD5 if a secret manager is active.
Off topic, but this is what I guessed is the reason underlying YARN-626, do you
know when this got merged into branch-2?
> In unsercure mode, AM can fake resource requirements
> -----------------------------------------------------
>
> Key: YARN-617
> URL: https://issues.apache.org/jira/browse/YARN-617
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Vinod Kumar Vavilapalli
> Assignee: Vinod Kumar Vavilapalli
> Priority: Minor
>
> Without security, it is impossible to completely avoid AMs faking resources.
> We can at the least make it as difficult as possible by using the same
> container tokens and the RM-NM shared key mechanism over unauthenticated
> RM-NM channel.
> In the minimum, this will avoid accidental bugs in AMs in unsecure mode.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
