[ https://issues.apache.org/jira/browse/HADOOP-1873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Marco Nicosia updated HADOOP-1873:
----------------------------------

Description:
HADOOP-1298 and HADOOP-1701 add permissions and pluggable security for DFS files and DFS accesses. Same users permission should work for Map/Reduce jobs as well.
User permission should propagate from client to map/reduce tasks and all the file operations should be subject to user permissions. This is transparent to the user (i.e. no changes to user code should be required).

was:
HADOOP-1298 and HADOOP-1701 add permissions and pluggable security for DFS files and DFS accesses. Same users permission should work for Map/Reduce jobs as well.
User permission should propagate from client to map/reduce tasks and all the file operations should be subject to user permissions. This is transparent to the user (i.e. no changes to user code should be required).

hairong> It's recommended that the jobtracker is run as the
hairong> same user as the namenode.

User code cannot run as the same user as the HDFS daemons. If they run as same, then user code has the ability to kill the HDFS daemons, which we've seen in the past.

Additionally, we've reasoned that to be truly "data secure" the user code cannot run as the same user as the owner of the HDFS hadoop/dfs/data directories. User code could scan the host's filesystem (ufs, ext3, etc) directories to read all user data. Hadoop doesn't currently switch users before running user code. Even if it did, that'd mean we'd have to run everything (NameNode, JobTracker) as root, which would have a big impact as well.

hairong> If not, mapred system directory should be under a
hairong> directory which is writable by the user who starts
hairong> the namenode.

Wouldn't this result in a security hole?
> User permissions for Map/Reduce
> -------------------------------
>
> Key: HADOOP-1873
> URL: https://issues.apache.org/jira/browse/HADOOP-1873
> Project: Hadoop
> Issue Type: Improvement
> Reporter: Raghu Angadi
> Assignee: Hairong Kuang
> Attachments: mapred.patch, mapred2.patch
>
>
> HADOOP-1298 and HADOOP-1701 add permissions and pluggable security for DFS
> files and DFS accesses. Same users permission should work for Map/Reduce jobs
> as well.
> User permission should propagate from client to map/reduce tasks and all the
> file operations should be subject to user permissions. This is transparent to
> the user (i.e. no changes to user code should be required).

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.