Keys Botzum created DRILL-4627:
----------------------------------
Summary: Drill should protect data placed into Zookeeper/ZK
Key: DRILL-4627
URL: https://issues.apache.org/jira/browse/DRILL-4627
Project: Apache Drill
Issue Type: Bug
Reporter: Keys Botzum
Priority: Minor
Drill is striving to improve it's security posture and is improving rapidly.
One key item in a secure system is protection of all relevant data that an
attacker could use to cause harm. Today Drill does not protect the data in ZK.
This means that an attacker could alter it.
I recommend that Drill create appropriate ZK ACLs on the data in ZK and
establish an appropriate authentication mechanism to ZK - that's likely
Kerberos for most Hadoop clusters but MapR Native Security for MapR.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
