[#SFOS-1187] Add an environment variable option to name the security manager for the scripts

SmartFrog

Add an environment variable option to name the security manager for the scripts

Created: 30/Apr/09 05:22 PM (BST) Updated: 08/May/09 01:21 PM (BST)

Component/s:

.sfCore, _service_hadoop

Affects Version/s:

3.17.010

Fix Version/s:

3.17.010

Time Tracking:

Not Specified

Compatibility:

backwards compatible

Description

« Hide

Hadoop currently only runs with a dummy security manager. To run Hadoop against (unedited) RPM installations, I need a way to set the classname of the security manager to use when security is turned on. If the environment variable is not set, the default security manager would be used.

All

Comments

Work Log

Change History

Sort Order:

[ Permlink | « Hide ]

Steve Loughran added a comment - 30/Apr/09 05:23 PM (BST)

This will affect
setSFDynamicClassLoadingProperties and setSFSecurityProperties

[ Permlink | « Hide ]

Steve Loughran added a comment - 05/May/09 01:57 PM (BST)

A new option, SFSECURITYMANAGER has been added, which lets you control what class implementing a security manager to use -when security is turned off. When security is on you get whatever the official security manager, is currently
org.smartfrog.sfcore.security.ExitTrappingRealSecurityManager

the reason for being this inflexible is when you want security on, you get security. Turning security on but then choosing a different security manager -including one that doesn't validate most operations- would be insecure.

[ Permlink | « Hide ]

Steve Loughran added a comment - 07/May/09 05:12 PM (BST)

done! SFSECURITYMANAGER, only used when security is off.

[ Permlink | « Hide ]

Steve Loughran added a comment - 08/May/09 01:21 PM (BST)

To enable this on an RPM installation, create the file /etc/profile.d/sfsecurity.sh containing the line

export SFSECURITYMANAGER=org.smartfrog.sfcore.security.ExitTrappingSecurityManager

Then reboot. This will intercept unauthorised exits but not do any other security checking