[
https://issues.apache.org/jira/browse/HDFS-11053?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kihwal Lee updated HDFS-11053:
------------------------------
Resolution: Fixed
Hadoop Flags: Reviewed
Fix Version/s: 3.0.0-alpha2
2.7.4
Status: Resolved (was: Patch Available)
Thanks for the reviews. I've committed it to trunk through branch-2.7.
> Unnecessary superuser check in versionRequest()
> -----------------------------------------------
>
> Key: HDFS-11053
> URL: https://issues.apache.org/jira/browse/HDFS-11053
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: namenode, security
> Reporter: Kihwal Lee
> Assignee: Kihwal Lee
> Fix For: 2.7.4, 3.0.0-alpha2
>
> Attachments: HDFS-11053.patch
>
>
> The {{versionRequest()}} call does not return any sensitive information. It
> is mainly used for sanity checks. The presence of
> {{checkSuperuserPrivilege()}} forces users to run datanode as a hdfs
> superuser.
> In secure setup, a keytab obtained from a compromised datanode can allow the
> intruder to gain hdfs superuser privilege. We should allow datanodes to be
> run as non-hdfs-superuser by removing {{checkSuperuserPrivilege()}} from
> {{versionRequest()}}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
