You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by "Varada Hemeswari (JIRA)" <ji...@apache.org> on 2017/06/23 15:50:00 UTC

[jira] [Created] (HADOOP-14581) Restrict setOwner to list of user when security is enabled in wasb

Varada Hemeswari created HADOOP-14581:
-----------------------------------------

             Summary: Restrict setOwner to list of user when security is enabled in wasb
                 Key: HADOOP-14581
                 URL: https://issues.apache.org/jira/browse/HADOOP-14581
             Project: Hadoop Common
          Issue Type: Bug
          Components: fs/azure
    Affects Versions: 3.0.0-alpha3
            Reporter: Varada Hemeswari
            Assignee: Varada Hemeswari


Currently in azure FS, setOwner api is exposed to all the users accessing the file system.
When Authorization is enabled, access to some files/folders is given to particular users based on whether the user is the owner of the file.
So setOwner has to be restricted to limited set of users to prevent users from exploiting owner based authorization of files and folders.

Introducing a new config called fs.azure.chown.allowed.userlist which is a comma seperated list of users who are allowed to perform chown operation when authorization is enabled.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org