You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org> on 2008/04/11 00:56:06 UTC

[jira] Issue Comment Edited: (HADOOP-3222) fsck should require superuser privilege

    [ https://issues.apache.org/jira/browse/HADOOP-3222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12587806#action_12587806 ] 

szetszwo edited comment on HADOOP-3222 at 4/10/08 3:54 PM:
-------------------------------------------------------------------------

There are several reasons that fsck is better started by a superuser:
- fsck may access a lot of files/dirs.  If we check permission for each file/dir, the performance may be a problem.
- fsck uses namenode resource intensively.  It will be relatively easy to use it for DDOS.
- fsck traditionaly is used for checking and repairing file system, which is an admin operation.  If we need some command for finding the distribution of a directory's data blocks, we are better to create a new one.

Even if we don't require superuser to run fsck, we have to define what are the permissions required for fsck and its options.  There is no permission check for fsck currently, i.e. any user can run fsck in any dir.

      was (Author: szetszwo):
    There are several reasons that fsck is better started by a superuser:
- fsck may access a lot of files/dirs.  If we check permission for each file/dir, the performance may be a problem.
- fsck uses namenode resource intensively.  It will be relatively easy to use it for DDOS.
- fsck traditionaly is used for check and repair file system, which is an admin operation.  If we need some command for finding the distribution of a directory's data blocks, we are better to create a new one.
  
> fsck should require superuser privilege
> ---------------------------------------
>
>                 Key: HADOOP-3222
>                 URL: https://issues.apache.org/jira/browse/HADOOP-3222
>             Project: Hadoop Core
>          Issue Type: Bug
>          Components: dfs
>            Reporter: Tsz Wo (Nicholas), SZE
>
> Currently, any user can run fsck.  It should require superuser privilege.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.