You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@falcon.apache.org by "Balu Vellanki (JIRA)" <ji...@apache.org> on 2015/09/03 01:16:46 UTC

[jira] [Updated] (FALCON-1340) Falcon allows change of entity owner by non-super user

     [ https://issues.apache.org/jira/browse/FALCON-1340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Balu Vellanki updated FALCON-1340:
----------------------------------
    Assignee:     (was: Balu Vellanki)

> Falcon allows change of entity owner by non-super user
> ------------------------------------------------------
>
>                 Key: FALCON-1340
>                 URL: https://issues.apache.org/jira/browse/FALCON-1340
>             Project: Falcon
>          Issue Type: Bug
>          Components: general
>    Affects Versions: 0.6.1
>            Reporter: Balu Vellanki
>
> HDFS does not allow changing owner of a file by normal user. Should falcon allow the same for entities ? 
> Today if two users belong to same group "users" and the falcon entity ACL is "owner=user1, group=users, permissions=*" , then user2 can update the falcon entity and claim ownership of this entity.  User2 can also change the group from "users" to "privateGroup" and lock out user1 from taking back ownership of entity. 
> Originally reported by [~raghavgautam]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)