You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Abdelkrim Hadjidj (JIRA)" <ji...@apache.org> on 2017/08/01 11:23:00 UTC
[jira] [Created] (RANGER-1718) Delegated admin should not be able
to extend his scope with recursive
Abdelkrim Hadjidj created RANGER-1718:
-----------------------------------------
Summary: Delegated admin should not be able to extend his scope with recursive
Key: RANGER-1718
URL: https://issues.apache.org/jira/browse/RANGER-1718
Project: Ranger
Issue Type: Bug
Components: admin
Affects Versions: 0.7.0
Reporter: Abdelkrim Hadjidj
Delegate admin helps offloading policies management to other users. However, the delegated admin should not be able to edit the original policy to get more privileges.
Problem with the actual solution: when a policy with 'recursive=No' is delegated to a user X, the user X is able to change 'recursive=Yes' and get privileges on lower levels of the HDFS directory.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)