You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Eli Collins (JIRA)" <ji...@apache.org> on 2011/03/08 17:46:59 UTC
[jira] Commented: (HADOOP-7172) SecureIO should not check owner on
non-secure clusters that have no native support
[ https://issues.apache.org/jira/browse/HADOOP-7172?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13004050#comment-13004050 ]
Eli Collins commented on HADOOP-7172:
-------------------------------------
+1
Change looks good. Please update the javadoc ("@throws IOException if an IO Error occurred, or the user does not match") to qualify this for the new behavior.
> SecureIO should not check owner on non-secure clusters that have no native support
> ----------------------------------------------------------------------------------
>
> Key: HADOOP-7172
> URL: https://issues.apache.org/jira/browse/HADOOP-7172
> Project: Hadoop Common
> Issue Type: Bug
> Components: io, security
> Affects Versions: 0.22.0
> Reporter: Todd Lipcon
> Assignee: Todd Lipcon
> Priority: Critical
> Fix For: 0.22.0
>
> Attachments: hadoop-7172.txt
>
>
> The SecureIOUtils.openForRead function currently uses a racy stat/open combo if security is disabled and the native libraries are not available. This ends up shelling out to "ls -ld" which is very very slow. We've seen this cause significant performance regressions on clusters that match this profile.
> Since the racy permissions check doesn't buy us any security anyway, we should just fall back to a normal "open" without any stat() at all, if we can't use the native support to do it efficiently.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira