[jira] [Commented] (YARN-8249) Few REST api's in RMWebServices are missing static user check

Thu, 10 May 2018 19:29:14 -0700 

    [ 
https://issues.apache.org/jira/browse/YARN-8249?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16471396#comment-16471396
 ] 

Hudson commented on YARN-8249:
------------------------------

SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #14168 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/14168/])
YARN-8249. Fixed few REST APIs in RMWebServices to have static-user (vinodkv: 
rev d76fbbc9b82e720d7d5188f9ae2f56a8d78f3a98)
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServices.java
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesHttpStaticUserPermissions.java
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/webapp/WebServices.java
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/applicationhistoryservice/webapp/AHSWebServices.java


> Few REST api's in RMWebServices are missing static user check
> -------------------------------------------------------------
>
>                 Key: YARN-8249
>                 URL: https://issues.apache.org/jira/browse/YARN-8249
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: webapp, yarn
>    Affects Versions: 3.1.0
>            Reporter: Sunil G
>            Assignee: Sunil G
>            Priority: Critical
>         Attachments: YARN-8249.001.patch, YARN-8249.002.patch, 
> YARN-8249.003.patch, YARN-8249.004.patch, YARN-8249.005.patch, 
> YARN-8249.006.patch
>
>
> Few REST endpoints like node label/ scheduler-conf etc are missing static 
> user validation check. Writable apis should not be ran for static users. This 
> is not a security hole as such as yarn.admin.acls will be configured to 
> certain users in secure cluster correctly. However such a check will help to 
> have same semantics across various apis. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org

Reply via email to