You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Varada Hemeswari (JIRA)" <ji...@apache.org> on 2017/06/23 16:26:00 UTC
[jira] [Updated] (HADOOP-14581) Restrict setOwner to list of user
when security is enabled in wasb
[ https://issues.apache.org/jira/browse/HADOOP-14581?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Varada Hemeswari updated HADOOP-14581:
--------------------------------------
Attachment: HADOOP-14581.1.patch
> Restrict setOwner to list of user when security is enabled in wasb
> ------------------------------------------------------------------
>
> Key: HADOOP-14581
> URL: https://issues.apache.org/jira/browse/HADOOP-14581
> Project: Hadoop Common
> Issue Type: Bug
> Components: fs/azure
> Affects Versions: 3.0.0-alpha3
> Reporter: Varada Hemeswari
> Assignee: Varada Hemeswari
> Labels: azure, fs, secure, wasb
> Attachments: HADOOP-14581.1.patch
>
>
> Currently in azure FS, setOwner api is exposed to all the users accessing the file system.
> When Authorization is enabled, access to some files/folders is given to particular users based on whether the user is the owner of the file.
> So setOwner has to be restricted to limited set of users to prevent users from exploiting owner based authorization of files and folders.
> Introducing a new config called fs.azure.chown.allowed.userlist which is a comma seperated list of users who are allowed to perform chown operation when authorization is enabled.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org