[
https://issues.apache.org/jira/browse/MAPREDUCE-3231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13132511#comment-13132511
]
Luke Lu commented on MAPREDUCE-3231:
------------------------------------
If I understand your proposal correctly, you're trying to invent a less
powerful but "more secure" alternative language to html/js/css for a trusted
web server (essentially a proxy) to assemble html/js/css for end users. Besides
the complexity of the approach (e.g., you'll have to at least invent a robust
stream-based JSON parser that can handle adversarially long names and values,
which doesn't exist yet (with a compatible open source license anyway)), which
you seem to underestimate, it's a non-starter for deployments that do not
require such security and/or have a commercial transparent proxy that can
handle the webapp security just fine. A fundamental requirement for hadoop
security is that it must be optional and pluggable. Your proposal requires
people to rewrite their webapps in your extremely restrictive way. It's
fundamentally wrong on so many levels. The web proxy design (in MAPREDUCE-2858)
in conjunction with code whitelisting can give users complete freedom in AM UI
design, while adequately ensuring security when it's needed.
I'm strongly -1 on any proposal that imposes mandatory significant restrictions
on people's freedom to create their own web UI in the cloud/cluster/grid.
> Improve Application Master And Job History UI Security
> ------------------------------------------------------
>
> Key: MAPREDUCE-3231
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-3231
> Project: Hadoop Map/Reduce
> Issue Type: Improvement
> Components: mrv2
> Affects Versions: 0.23.0
> Reporter: Robert Joseph Evans
> Assignee: Robert Joseph Evans
> Attachments: AMWebSecurityProposal.pdf
>
>
> I propose a stripped-down JSON-based protocol for creating safe user-generated
> web pages. This JIRA is intended first of all as a place for a discussion
> about this proposal, and then if there are no serious objections this will be
> an Umbrella JIRA to implement the changes proposed.