Kevin Minder 2013-06-20, 16:31
It would be great to have dedicated resources like these.
One thing missing for cross cutting concerns like security is a source of
truth for a holistic view of the entire model.
A dedicated wiki space would allow for this view and facilitate the filing
of Jiras that align with the big picture.
On Thu, Jun 20, 2013 at 12:31 PM, Kevin Minder <[EMAIL PROTECTED]
> Hi PMCs & Everyone,
> There are a number of significant, complex and overlapping efforts
> underway to improve the Hadoop security model. Many involved are
> struggling to form this into a cohesive whole across the numerous Jiras and
> within the traffic of common-dev. There has been a suggestion made that
> having two additional pieces of infrastructure might help.
> 1) Establish a security-dev mailing list similar to hdfs-dev, yarn-dev,
> mapreduce-dev, etc. that would help us have more focused interaction on
> non-vulnerability security topics. I understand that this might "devalue"
> common-dev somewhat but the benefits might outweigh that.
> 2) Establish a corner of the wiki were cross cutting security design could
> be worked out more collaboratively than a doc rev upload mechanism. I fear
> if we don't have this we will end up collaborating outside Apache
> infrastructure which seems inappropriate. I understand the risk of losing
> context in the individual Jiras but again my sense is that the cohesiveness
> provided will outweigh the risk.
> I'm open to and interested in other suggestions for how others have solved
> these types of cross cutting collaboration challenges.
Alejandro Abdelnur 2013-06-20, 17:31
Andrew Purtell 2013-06-20, 20:01
Aaron T. Myers 2013-06-24, 19:15
Andrew Purtell 2013-06-24, 23:38
Andrew Purtell 2013-06-24, 20:13
Zheng, Kai 2013-06-20, 17:49
Larry McCay 2013-06-20, 17:54
Roman Shaposhnik 2013-06-21, 01:00
Larry McCay 2013-06-20, 17:46
Aaron T. Myers 2013-06-24, 19:09