You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-dev@hadoop.apache.org by "Varada Hemeswari (JIRA)" <ji...@apache.org> on 2017/06/23 15:50:00 UTC
[jira] [Created] (HADOOP-14581) Restrict setOwner to list of user
when security is enabled in wasb
Varada Hemeswari created HADOOP-14581:
-----------------------------------------
Summary: Restrict setOwner to list of user when security is enabled in wasb
Key: HADOOP-14581
URL: https://issues.apache.org/jira/browse/HADOOP-14581
Project: Hadoop Common
Issue Type: Bug
Components: fs/azure
Affects Versions: 3.0.0-alpha3
Reporter: Varada Hemeswari
Assignee: Varada Hemeswari
Currently in azure FS, setOwner api is exposed to all the users accessing the file system.
When Authorization is enabled, access to some files/folders is given to particular users based on whether the user is the owner of the file.
So setOwner has to be restricted to limited set of users to prevent users from exploiting owner based authorization of files and folders.
Introducing a new config called fs.azure.chown.allowed.userlist which is a comma seperated list of users who are allowed to perform chown operation when authorization is enabled.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org