Hi Raghu, I'm aware of no immediate plans to eliminate this property, but HDFS-2856 will change the security design on the protocol between HDFS client and datanode such that secure datanodes will not require a privileged port, and thus you won't need this configuration property. HDFS-2856 is still under design review.
https://issues.apache.org/jira/browse/HDFS-2856 Please note that ignore.secure.ports.for.testing is not suitable for running a secure production cluster. It opens a risk of a rogue map or reduce task binding to the datanode's RPC port, impersonating a legitimate datanode, and stealing secrets or sensitive data. (That jira includes a full description of the attack vector if you're interested.) I hope this helps. Thanks! Chris Nauroth Hortonworks http://hortonworks.com/ On Tue, May 21, 2013 at 12:24 PM, Raghu Doppalapudi <raghu.hb...@gmail.com>wrote: > I am starting datanode in secure mode on higher default ports by overriding > the following property. > > <property> > <name>ignore.secure.ports.for.testing</name> > <value>true</value> > </property> > > Is this property going to be a permanent one, please suggest whether this > property good to use, I just want to check whether this is temporary or > permanent property. > > Thanks >
