[jira] [Updated] (DRILL-4627) Drill should protect data placed into Zookeeper/ZK

Keys Botzum (JIRA) Tue, 30 Aug 2016 14:44:53 -0700

     [ 
https://issues.apache.org/jira/browse/DRILL-4627?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Keys Botzum updated DRILL-4627:
-------------------------------
    Labels: security  (was: )

> Drill should protect data placed into Zookeeper/ZK
> --------------------------------------------------
>
>                 Key: DRILL-4627
>                 URL: https://issues.apache.org/jira/browse/DRILL-4627
>             Project: Apache Drill
>          Issue Type: Bug
>            Reporter: Keys Botzum
>            Priority: Minor
>              Labels: security
>
> Drill is striving to improve it's security posture and is improving rapidly.
> One key item in a secure system is protection of all relevant data that an 
> attacker could use to cause harm. Today Drill does not protect the data in 
> ZK. This means that an attacker could alter it.
> I recommend that Drill create appropriate ZK ACLs on the data in ZK and 
> establish an appropriate authentication mechanism to ZK - that's likely 
> Kerberos for most Hadoop clusters but MapR Native Security for MapR.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (DRILL-4627) Drill should protect data placed into Zookeeper/ZK

Reply via email to