flink-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FLINK-3930) Implement Service-Level Authorization
Date Thu, 01 Sep 2016 14:15:23 GMT

    [ https://issues.apache.org/jira/browse/FLINK-3930?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15455520#comment-15455520

ASF GitHub Bot commented on FLINK-3930:

Github user rmetzger commented on a diff in the pull request:

    --- Diff: flink-yarn/src/main/java/org/apache/flink/yarn/YarnApplicationMasterRunner.java
    @@ -597,6 +610,11 @@ public static ContainerLaunchContext createTaskManagerContext(
     		containerEnv.put(YarnConfigKeys.ENV_CLIENT_USERNAME, yarnClientUsername);
    +		final String secureCookie = ENV.get(YarnConfigKeys.ENV_SECURE_AUTH_COOKIE);
    +		if(secureCookie != null) {
    +			containerEnv.put(YarnConfigKeys.ENV_SECURE_AUTH_COOKIE, secureCookie);
    --- End diff --
    The problem here is that the secure cookie will be put into the environment of the TaskManager
JVM, so it'll be quite easy to just read the environment variables (not sure if that is an
    Another issue is that YARN is by default launching processes by creating a temporary bash
file, with all the environment variables and the JVM invocation. So the secure cookie will
be written into some tmp directory on YARN.
    I wonder if there's some infrastructure in YARN to transfer the tokens in a secure way.

> Implement Service-Level Authorization
> -------------------------------------
>                 Key: FLINK-3930
>                 URL: https://issues.apache.org/jira/browse/FLINK-3930
>             Project: Flink
>          Issue Type: New Feature
>          Components: Security
>            Reporter: Eron Wright 
>            Assignee: Vijay Srinivasaraghavan
>              Labels: security
>   Original Estimate: 672h
>  Remaining Estimate: 672h
> _This issue is part of a series of improvements detailed in the [Secure Data Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing]
design doc._
> Service-level authorization is the initial authorization mechanism to ensure clients
(or servers) connecting to the Flink cluster are authorized to do so.   The purpose is to
prevent a cluster from being used by an unauthorized user, whether to execute jobs, disrupt
cluster functionality, or gain access to secrets stored within the cluster.
> Implement service-level authorization as described in the design doc.
> - Introduce a shared secret cookie
> - Enable Akka security cookie
> - Implement data transfer authentication
> - Secure the web dashboard

This message was sent by Atlassian JIRA

View raw message