Date: Sun, 7 Mar 2010 22:36:30 -0800
Subject: Re: Security issue: hadoop fs shell bypass authentication?
From: awittena...@linkedin.com
To: common-user@hadoop.apache.org
Any user with access can impersonate any other user, including the hadoop
root user, without something like
On 3/8/10 11:06 AM, Michael Segel michael_se...@hotmail.com wrote:
The other issue is how secure is 'secure enough' ?
If you limit the physical access to the cloud, limit connectivity to the cloud
to certain 'choke' points, and then authenticate at the client level prior
to
connection,
On 3/6/10 10:41 PM, jiang licht licht_ji...@yahoo.com wrote:
I can feel that pain, Kerberos needs you to pull more hair from your head :) I
worked on it a while back and now only remember bit of it.
The only other real choice is PKI. CRLs? Blech. I'd much rather tie the
grid into my
On Mar 5, 2010, at 4:49 PM, Allen Wittenauer wrote:
On 3/5/10 1:57 PM, jiang licht licht_ji...@yahoo.com wrote:
So, this means that hadoop fs shell does not require any
authentication and
can be fired from anywhere?
There is no authentication/security layer in any released version of
Good to know and look forward to seeing next release of hadoop with such new
security features...
Thanks,
--
Michael
--- On Sat, 3/6/10, Owen O'Malley omal...@apache.org wrote:
From: Owen O'Malley omal...@apache.org
Subject: Re: Security issue: hadoop fs shell bypass authentication
,
--
Michael
--- On Sat, 3/6/10, Owen O'Malleyomal...@apache.org wrote:
From: Owen O'Malleyomal...@apache.org
Subject: Re: Security issue: hadoop fs shell bypass authentication?
To: common-user@hadoop.apache.org
Date: Saturday, March 6, 2010, 2:20 AM
On Mar 5, 2010, at 4:49 PM, Allen Wittenauer
with such
new security features...
�
Thanks,
--
Michael
--- On Sat, 3/6/10, Owen O'Malleyomal...@apache.org wrote:
From: Owen O'Malleyomal...@apache.org
Subject: Re: Security issue: hadoop fs shell bypass authentication?
To: common-user@hadoop.apache.org
Date: Saturday, March 6, 2010, 2:20
using, so, no worry actually ...
Thank,
--
Michael
--- On Sat, 3/6/10, Edward Capriolo edlinuxg...@gmail.com wrote:
From: Edward Capriolo edlinuxg...@gmail.com
Subject: Re: Security issue: hadoop fs shell bypass authentication?
To: common-user@hadoop.apache.org
Date: Saturday, March 6, 2010, 8
I am considering the following problem: if someone knows the master and ports
of a hadoop cluster, is he able to run hadoop fs shell to
read/write/update/delete data in the cluster without any authentication? Ofcoz,
the cluster should be built on top of an isolated island of private network,