[
https://issues.apache.org/jira/browse/HADOOP-2614?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12559286#action_12559286
]
Owen O'Malley commented on HADOOP-2614:
---------------------------------------
My security hackles get raised by introducing a bunch of pseudo-security, like
this, but I can see the point.
We should probably make a configuration option that completely disables the
http browsing and hftp servlets in hdfs.
The hftp servlet should use the same user as the http browser, since they are
roughly the same functionality in different formats.
> dfs web interfaces should run as a configurable user account
> ------------------------------------------------------------
>
> Key: HADOOP-2614
> URL: https://issues.apache.org/jira/browse/HADOOP-2614
> Project: Hadoop
> Issue Type: Bug
> Components: dfs
> Reporter: Tsz Wo (Nicholas), SZE
> Assignee: Tsz Wo (Nicholas), SZE
> Attachments: 2614_20080115.patch
>
>
> Currently, web interfaces (i.e. browseDirectory.jsp, browseBlock.jsp, etc.)
> run in each Datanode. The web interfaces use the corresponding Datanode
> account (the user who ever started the Datanode) to connect to Namenode.
> Usually, Datanodes are started by administrators. As a consequence, the web
> interfaces have administrator access, which is undesirable. The web
> interfaces account should be configurable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
