Versions Compared

Old Version 5

changes.mady.by.user Rohit Sinha

Saved on

compared with

New Version 6

changes.mady.by.user Rohit Sinha

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Currently read on Dataset requires permission on Namespace
    • Disadvantages: 
      • Dataset READ/WRITE require some permission on the namespace like READ. But since privileges are hierarchical this will lead to READ on every entity inside the namespace.
  • Having EXECUTE on a program does not allow user to run the program unless he has some privilege on the Application. 
    • To see the program in UI some privilege is needed on the application
  • Need for non hierarchical privileges ?
    • Managing non-hierarchical privileges can be cumbersome
  • Revoke all from an entity leads to entity with no privileges leading to an unusable entity
  • Updating system artifacts is not possible since only cdap has access on system namespace.

Sentry:

  • Reduce number of roles created by Sentry
  • User Handle cases where user does not have its own group
  • Cache Invalidation
  • Revoke all from an entity leads to entity with no privilege which cannot be used

General

  • invalidation in case of group privilege change
  • Grant on roles fail if the granting user does not have the same privilege (CDAP-9305)

General

  • Reduce CDAP start time because of securityhttps://issues.cask.co/browse/CDAP-11659
    • One possibility to solve this will be to don't do any auth for cdap user in cdap namespace. (https://issues.cask.
  • Add new config for system admin on system namespace
  • Revoking
  • Revoking privileges from admin users when they are removed from listthat instance.admin config
    • Role for instance and system admins and every restart we remove all groups and add again.
  • Cleanup all privileges on namespace deleteOn namespace/entity delete some privileges are left over 
  • Debugging security issues
    • Logger for every logged in user or MDCMDC based trace logging for a user (dynamic configuration)

ITN

  • Review all pending PRs (Rohit)
  • How many new test cases to add and how many are done (Yaojie)
  • Refactoring to run same tests in
    • Impersonation
      • Namespace Level
      • App Level
      • Classic (No impersonation, authorization)
    • Custom Mapping (Hive, Hbase, HDFS)
  • Authorization : More tests
    • Artifact
    • Pipeline
    • Dataset types
    • Dataset modules
    • Secure keys

...