[
https://issues.apache.org/jira/browse/HADOOP-2614?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12559376#action_12559376
]
Tsz Wo (Nicholas), SZE commented on HADOOP-2614:
------------------------------------------------
> My security hackles get raised by introducing a bunch of pseudo-security,
> like this, but I can see the point.
This one is just a short-term fix. We have to introduce web login for
long-term solution.
> We should probably make a configuration option that completely disables the
> http browsing and hftp servlets in hdfs.
>
> The hftp servlet should use the same user as the http browser, since they are
> roughly the same functionality in different formats.
This is a good idea. I will think about how to do it.
> dfs web interfaces should run as a configurable user account
> ------------------------------------------------------------
>
> Key: HADOOP-2614
> URL: https://issues.apache.org/jira/browse/HADOOP-2614
> Project: Hadoop
> Issue Type: Bug
> Components: dfs
> Reporter: Tsz Wo (Nicholas), SZE
> Assignee: Tsz Wo (Nicholas), SZE
> Attachments: 2614_20080115.patch
>
>
> Currently, web interfaces (i.e. browseDirectory.jsp, browseBlock.jsp, etc.)
> run in each Datanode. The web interfaces use the corresponding Datanode
> account (the user who ever started the Datanode) to connect to Namenode.
> Usually, Datanodes are started by administrators. As a consequence, the web
> interfaces have administrator access, which is undesirable. The web
> interfaces account should be configurable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
