I'm in favor of this in general, though I do think the proper way to do it
isn't obvious to me, given the cross-project nature of the goal.
On Thu, Jun 20, 2013 at 1:01 PM, Andrew Purtell <[EMAIL PROTECTED]> wrote:
> On Thu, Jun 20, 2013 at 10:31 AM, Alejandro Abdelnur <[EMAIL PROTECTED]
> > Is this restricted to the Hadoop project itself or the intention is to
> > cover the whole Hadoop ecosystem? If the later, how are you planning to
> > engage and sync up with the different projects?
> The intent is to cover the entire Hadoop ecosystem. How specifically to
> structure the work and engage different projects would depend on what facet
> of security is being addressed. I think it would be awesome if the Hadoop
> PMC is willing to lend resources for an ongoing virtual meetup on security
> concerns (a meetup ecosystem wide) that cross-cut everywhere, and that
> makes sense, at least to me, because in many cases we could build from the
> core outward and propose uptake of artifacts that solve a common problem on
> project specific JIRAs.
Sorry, what exactly do you mean by "meetup" ?
I think in general it makes sense for this effort to be hosted by the
Hadoop project proper, given that much of the security of the rest of the
system is built on top of the libraries in Hadoop Common. Note, however,
that certainly not all of what are generally considered the "Hadoop
ecosystem" projects build their security using only what's in Hadoop
Common, e.g. Hive makes extensive use of Thrift and Thrift's SASL
Aaron T. Myers
Software Engineer, Cloudera