hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-15162) UserGroupInformation.createRemoteUser hardcode authentication method to SIMPLE
Date Tue, 09 Jan 2018 00:29:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-15162?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16317414#comment-16317414

Daryn Sharp commented on HADOOP-15162:

bq. In summary, proxy user ACL should be checked for simple security instead of reliance on
As stated earlier, proxy privs are always checked for non-token connections.

bq. isSecurityEnabled( gives a false sense that proxy user ACL shouldn't be checked which
leading to use of UserGroupInformation.createRemoteUser(remoteUser) in server code, which
is a bad practice for not verifying the credential of current server user.
It's not bad practice for a server to use createRemoteUser – that's why it exists.  What
does "verifying the credential of current server user" mean when security is disabled and
there are no credentials?

> UserGroupInformation.createRemoteUser hardcode authentication method to SIMPLE
> ------------------------------------------------------------------------------
>                 Key: HADOOP-15162
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15162
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: Eric Yang
> {{UserGroupInformation.createRemoteUser(String user)}} is hard coded Authentication method
to SIMPLE by HADOOP-10683.  This by passed proxyuser ACL check, isSecurityEnabled check, and
allow caller to impersonate as anyone.  This method could be abused in the main code base,
which can cause part of Hadoop to become insecure without proxyuser check for both SIMPLE
or Kerberos enabled environment.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org

View raw message