[jira] [Commented] (MAPREDUCE-3175) Yarn httpservers not created with access Control lists

Thu, 27 Oct 2011 06:42:53 -0700 

    [ 
https://issues.apache.org/jira/browse/MAPREDUCE-3175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13137130#comment-13137130
 ] 

Hudson commented on MAPREDUCE-3175:
-----------------------------------

Integrated in Hadoop-Hdfs-trunk #845 (See 
[https://builds.apache.org/job/Hadoop-Hdfs-trunk/845/])
    MAPREDUCE-3175. Add authorization to admin web-pages such as /stacks, /jmx 
etc. Contributed by Jonathan Eagles.

acmurthy : 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1189619
Files : 
* /hadoop/common/trunk/hadoop-mapreduce-project/CHANGES.txt
* 
/hadoop/common/trunk/hadoop-mapreduce-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/security/AdminACLsManager.java
* 
/hadoop/common/trunk/hadoop-mapreduce-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java
* 
/hadoop/common/trunk/hadoop-mapreduce-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-common/src/main/java/org/apache/hadoop/yarn/server/security/ApplicationACLsManager.java

                
> Yarn httpservers not created with access Control lists
> ------------------------------------------------------
>
>                 Key: MAPREDUCE-3175
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-3175
>             Project: Hadoop Map/Reduce
>          Issue Type: Sub-task
>          Components: mrv2
>    Affects Versions: 0.23.0
>            Reporter: Thomas Graves
>            Assignee: Jonathan Eagles
>            Priority: Blocker
>         Attachments: MAPREDUCE-3175.patch, MAPREDUCE-3175.patch, 
> MAPREDUCE-3175.patch, MAPREDUCE-3175.patch, MAPREDUCE-3175.patch
>
>
> RM, NM, job history, and application master httpservers are not created with 
> access Control lists. I believe this means that anyone can access any of the 
> standard servlets that check to see if the user has administrator access - 
> like /jmx, /stacks, etc and ops has no way to restrict access to these things.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to