Comment 7 for bug 1541122

your description of the networking issue is accurate Tristan.

i also concur that compromising the oozie mysql backend should not result in the capability for an attacker to escalate to the sahara service. a class D type bug sounds appropriate.