[YARN-8249] Few REST api's in RMWebServices are missing static user check - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 3.1.0
Fix Version/s: 2.10.0, 3.2.0, 3.1.1
Component/s: webapp, yarn
Labels:
None

Target Version/s:

2.8.4, 3.1.1, 2.9.2, 3.0.3
Hadoop Flags:

Reviewed

Description

Few REST endpoints like node label/ scheduler-conf etc are missing static user validation check. Writable apis should not be ran for static users. This is not a security hole as such as yarn.admin.acls will be configured to certain users in secure cluster correctly. However such a check will help to have same semantics across various apis.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

YARN-8249.branch-2.001.patch
11/May/18 10:39
39 kB
Sunil G
YARN-8249.006.patch
10/May/18 23:14
38 kB
Vinod Kumar Vavilapalli
YARN-8249.005.patch
10/May/18 17:30
39 kB
Sunil G
YARN-8249.004.patch
10/May/18 15:51
30 kB
Sunil G
YARN-8249.003.patch
09/May/18 05:17
30 kB
Sunil G
YARN-8249.002.patch
05/May/18 04:57
21 kB
Sunil G
YARN-8249.001.patch
04/May/18 18:34
18 kB
Sunil G

Activity

People

Assignee:: Sunil G

Reporter:: Sunil G

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 04/May/18 16:50

Updated:: 16/May/18 06:48

Resolved:: 16/May/18 06:48