-Re: Fostering a Hadoop security dev community
Alejandro Abdelnur 2013-06-20, 17:31
This sounds great,
Is this restricted to the Hadoop project itself or the intention is to
cover the whole Hadoop ecosystem? If the later, how are you planning to
engage and sync up with the different projects?
On Thu, Jun 20, 2013 at 9:45 AM, Larry McCay <[EMAIL PROTECTED]> wrote:
> It would be great to have dedicated resources like these.
> One thing missing for cross cutting concerns like security is a source of
> truth for a holistic view of the entire model.
> A dedicated wiki space would allow for this view and facilitate the filing
> of Jiras that align with the big picture.
> On Thu, Jun 20, 2013 at 12:31 PM, Kevin Minder <
> [EMAIL PROTECTED]
> > wrote:
> > Hi PMCs & Everyone,
> > There are a number of significant, complex and overlapping efforts
> > underway to improve the Hadoop security model. Many involved are
> > struggling to form this into a cohesive whole across the numerous Jiras
> > within the traffic of common-dev. There has been a suggestion made that
> > having two additional pieces of infrastructure might help.
> > 1) Establish a security-dev mailing list similar to hdfs-dev, yarn-dev,
> > mapreduce-dev, etc. that would help us have more focused interaction on
> > non-vulnerability security topics. I understand that this might
> > common-dev somewhat but the benefits might outweigh that.
> > 2) Establish a corner of the wiki were cross cutting security design
> > be worked out more collaboratively than a doc rev upload mechanism. I
> > if we don't have this we will end up collaborating outside Apache
> > infrastructure which seems inappropriate. I understand the risk of
> > context in the individual Jiras but again my sense is that the
> > provided will outweigh the risk.
> > I'm open to and interested in other suggestions for how others have
> > these types of cross cutting collaboration challenges.
> > Thanks.
> > Kevin.