ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Madhan Neethiraj (Jira)" <j...@apache.org>
Subject [jira] [Updated] (RANGER-785) Ranger plugins should support a formal notion of super user
Date Wed, 01 Apr 2020 07:29:00 GMT

     [ https://issues.apache.org/jira/browse/RANGER-785?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Madhan Neethiraj updated RANGER-785:
------------------------------------
    Component/s: plugins
        Summary: Ranger plugins should support a formal notion of super user  (was: Service
definitions should support a formal notion of super user)

> Ranger plugins should support a formal notion of super user
> -----------------------------------------------------------
>
>                 Key: RANGER-785
>                 URL: https://issues.apache.org/jira/browse/RANGER-785
>             Project: Ranger
>          Issue Type: Improvement
>          Components: plugins
>            Reporter: Alok Lal
>            Assignee: Madhan Neethiraj
>            Priority: Major
>
> Most services that we authorize have some notion of superuser.
> # hbase has a property which lists the superuse id.  Ranger plugin skips most authorizations
for that superuser.
> # In case of kafka unless proper policies exist for the service user cluster won't come
up.
> # At other times people have asked that auditing be done differently for the service
user.
> One way to remedy these is to add a formal notion of a superuser for a service and deal
with it appropriately during service creation, during authorization in the plugin, etc.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message