[jira] [Comment Edited] (FALCON-11) Add support for security in Falcon

Thu, 06 Feb 2014 17:02:13 -0800 

    [ 
https://issues.apache.org/jira/browse/FALCON-11?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13894057#comment-13894057
 ] 

Arpit Gupta edited comment on FALCON-11 at 2/7/14 12:58 AM:
------------------------------------------------------------

bq. Can the blacklisted users be defaulted to maintain compatibility

I agree with [~svenkat] that having defaults is not helpful. Users can start 
the services as any arbitrary users then these black listed users such as 
falcon, hdfs etc do not make sense. Furthermore if that is the case then we 
dont to block calls for hdfs or falcon user. I like the idea of this feature 
but i believe the default should be an empty list. The same issue exists with 
startup properties. We dont know which users these services will be running as 
so blocking them by default does not help.


was (Author: arpitgupta):
bq. Can the blacklisted users be defaulted to maintain compatibility

I agree with [~svenkat] that having defaults is not helpful. Users can start 
the services as any arbitrary users then these black listed users such as 
falcon, hdfs etc. If that is the case then we dont to block calls for hdfs or 
falcon user. I like the idea of this feature but i believe the default should 
be an empty list. The same issue exists with startup properties. We dont know 
which users these services will be running as so blocking them by default does 
not help.

> Add support for security in Falcon
> ----------------------------------
>
>                 Key: FALCON-11
>                 URL: https://issues.apache.org/jira/browse/FALCON-11
>             Project: Falcon
>          Issue Type: Improvement
>    Affects Versions: 0.3
>            Reporter: Venkatesh Seetharam
>            Assignee: Venkatesh Seetharam
>              Labels: security
>         Attachments: FALCON-11.patch
>
>   Original Estimate: 336h
>  Remaining Estimate: 336h
>
> The following is the break up of tasks for Falcon to be secure and work with 
> secure Hadoop.
> 1. Secure Falcon daemon - needs to login with keytabs
> 2. Secure Hadoop client interface - HDFS
> 3. Secure Oozie client interface
> 4. Secure Falcon Web Interface
> 5. Secure Falcon Client Interface
> ..etc.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to