[ 
https://issues.apache.org/jira/browse/YARN-8249?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16464625#comment-16464625
 ] 

Sunil G commented on YARN-8249:
-------------------------------

Updated patch.

One major change in this patch is that we are not throwing a 403 Forbidden 
exception instead of creating a 403 response. This is to handle all such errors 
in a unique way.

cc [~leftnoteasy] and [~rohithsharma] pls help to review.

> Few REST api's in RMWebServices are missing static user check
> -------------------------------------------------------------
>
>                 Key: YARN-8249
>                 URL: https://issues.apache.org/jira/browse/YARN-8249
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: webapp, yarn
>    Affects Versions: 3.1.0
>            Reporter: Sunil G
>            Assignee: Sunil G
>            Priority: Critical
>         Attachments: YARN-8249.001.patch, YARN-8249.002.patch
>
>
> Few REST endpoints like node label/scheduler-conf etc. are missing the static 
> user validation check. Writable APIs should not be run for static users. This 
> is not a security hole as such, as yarn.admin.acls will be configured to 
> certain users in a secure cluster correctly. However, such a check will help to 
> have the same semantics across various APIs. 


