[jira] [Commented] (MAPREDUCE-3761) AM info in job -list does not reflect the actual AM hostname

Tue, 28 Feb 2012 20:30:58 -0800 

    [ 
https://issues.apache.org/jira/browse/MAPREDUCE-3761?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13218896#comment-13218896
 ] 

Vinod Kumar Vavilapalli commented on MAPREDUCE-3761:
----------------------------------------------------

What we really want to show is the AM hostname, either through the 
scheduling-Info field or another.

bq. If an end user sees this output they are going to copy and past this into 
the browser and go to that link. If the AM is well behaved it will redirect the 
user back through the proxy, but if the AM is malicious, it will do exactly 
what the proxy is intended to help mitigate.
This clearly seems like an issue with proxy or the AMs. We cannot rely on the 
fact that users will behave properly and will always click through the proxy 
for the sake of security. I agree that exposing this directly reduces security 
that exists today but this is as good as anyone doing an RPC call to figure out 
where an AM is running.

The real issue (if there is one) is that AMs accept requests that do not 
originate from the proxy. We should fix that if at all, instead of trying to 
avoid users from not seeing information like this. What do you think?

                
> AM info in job -list does not reflect the actual AM hostname
> ------------------------------------------------------------
>
>                 Key: MAPREDUCE-3761
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-3761
>             Project: Hadoop Map/Reduce
>          Issue Type: Improvement
>          Components: mrv2
>    Affects Versions: 0.23.1
>            Reporter: Ramya Sunil
>            Assignee: Vinod Kumar Vavilapalli
>             Fix For: 0.23.1
>
>         Attachments: MAPREDUCE-3761-20120202.txt, 
> MAPREDUCE-3761-20120214.1.txt
>
>
> The AM info field on "bin/mapred job -list" currently has a value 
> <resourcemanager hostname>:8088/proxy/appID. This info is irrelevant unless 
> it shows the real information of where the AM was launched. This needs to be 
> fixed to show the AM host details.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to