[jira] [Updated] (HADOOP-10863) KMS should have a blacklist for decrypting EEKs

Alejandro Abdelnur (JIRA) Wed, 03 Sep 2014 15:22:11 -0700

     [ 
https://issues.apache.org/jira/browse/HADOOP-10863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Alejandro Abdelnur updated HADOOP-10863:
----------------------------------------
       Resolution: Fixed
    Fix Version/s: 2.6.0
     Hadoop Flags: Reviewed
           Status: Resolved  (was: Patch Available)

Thanks Arun. Committed to trunk and branch-2.

> KMS should have a blacklist for decrypting EEKs
> -----------------------------------------------
>
>                 Key: HADOOP-10863
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10863
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 3.0.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Arun Suresh
>             Fix For: 2.6.0
>
>         Attachments: HADOOP-10863.1.patch, HADOOP-10863.2.patch, 
> HADOOP-10863.3.patch, HADOOP-10863.4.patch, HADOOP-10863.5.patch
>
>
> In particular, we'll need to put HDFS admin user there by default to prevent 
> an HDFS admin from getting file encryption keys.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (HADOOP-10863) KMS should have a blacklist for decrypting EEKs

Reply via email to