On 10/4/08 11:54 PM, "Dmitry Pushkarev" <[EMAIL PROTECTED]> wrote: > Here is the question: how secure hadoop is? (or let's say foolproof)
I'd hope it was fairly well known that Hadoop is not secure. At all. > What we're seeing here is open hadoop cluster, where anyone who capable of > installing hadoop and changing his username to webcrawl can use their > cluster and read their data, even though firewall is perfectly installed and > ports like ssh are filtered to outsiders. The firewall is likely blocking everything <1024, but making the (bad) assumption that anything in the ephemeral range is 'safe'. A common misconfiguration. In any case, the hadoop ports should be blocked to the outside world. > Can we propose to developers to introduce some basic user-management and > access controls to help hadoop make one step further towards > production-quality system? https://issues.apache.org/jira/browse/HADOOP-1701 , https://issues.apache.org/jira/browse/HADOOP-1741 , https://issues.apache.org/jira/browse/HADOOP-3854 , https://issues.apache.org/jira/browse/HADOOP-4343 , ... amongst others. > And, by the way add robots.txt to default distribution. https://issues.apache.org/jira/browse/HADOOP-3397