[ https://issues.apache.org/jira/browse/MAPREDUCE-3175?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jonathan Eagles updated MAPREDUCE-3175: --------------------------------------- Status: Patch Available (was: Open) > Yarn httpservers not created with access Control lists > ------------------------------------------------------ > > Key: MAPREDUCE-3175 > URL: https://issues.apache.org/jira/browse/MAPREDUCE-3175 > Project: Hadoop Map/Reduce > Issue Type: Sub-task > Components: mrv2 > Affects Versions: 0.23.0 > Reporter: Thomas Graves > Assignee: Jonathan Eagles > Priority: Blocker > Attachments: MAPREDUCE-3175.patch, MAPREDUCE-3175.patch, > MAPREDUCE-3175.patch, MAPREDUCE-3175.patch > > > RM, NM, job history, and application master httpservers are not created with > access Control lists. I believe this means that anyone can access any of the > standard servlets that check to see if the user has administrator access - > like /jmx, /stacks, etc and ops has no way to restrict access to these things. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira