Allen Wittenauer created HADOOP-10878: -----------------------------------------
Summary: Hadoop servlets need ACLs Key: HADOOP-10878 URL: https://issues.apache.org/jira/browse/HADOOP-10878 Project: Hadoop Common Issue Type: Bug Components: security Reporter: Allen Wittenauer As far as I'm aware, once a user gets past the HTTP-level authentication, all servlets available on that port are available to the user. This is a security hole as there is some information and services that we don't want every user to be able to access or only want them to access from certain locations. -- This message was sent by Atlassian JIRA (v6.2#6252)