hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10863) KMS should have a blacklist for decrypting EEKs
Date Thu, 04 Sep 2014 11:22:52 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10863?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14121250#comment-14121250
] 

Hudson commented on HADOOP-10863:
---------------------------------

FAILURE: Integrated in Hadoop-Yarn-trunk #670 (See [https://builds.apache.org/job/Hadoop-Yarn-trunk/670/])
HADOOP-10863. KMS should have a blacklist for decrypting EEKs. (asuresh via tucu) (tucu: rev
d9a03e272adbf3e9fde501610400f18fb4f6b865)
* hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSACLs.java
* hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AccessControlList.java
* hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSACLs.java
* hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
* hadoop-common-project/hadoop-kms/src/site/apt/index.apt.vm
* hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMS.java
* hadoop-common-project/hadoop-common/CHANGES.txt


> KMS should have a blacklist for decrypting EEKs
> -----------------------------------------------
>
>                 Key: HADOOP-10863
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10863
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 3.0.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Arun Suresh
>             Fix For: 2.6.0
>
>         Attachments: HADOOP-10863.1.patch, HADOOP-10863.2.patch, HADOOP-10863.3.patch,
HADOOP-10863.4.patch, HADOOP-10863.5.patch
>
>
> In particular, we'll need to put HDFS admin user there by default to prevent an HDFS
admin from getting file encryption keys.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message