[jira] [Commented] (HADOOP-14768) Honoring sticky bit during Deletion when authorization is enabled in WASB

Tue, 19 Sep 2017 11:38:15 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-14768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16172143#comment-16172143
 ] 

Thomas Marquardt commented on HADOOP-14768:
-------------------------------------------

Looks good overall, but does not fully implement the sticky bit.  Comments 
below:

*NativeAzureFileSystem.java*:
  *L1870* - Sticky bit prevents other users from deleting or +renaming+.  Note 
that delete  happens in AzureNativeFileSystemStore.java *L2513* in the 
implementation of {{AzureNativeFileSystemStore.safeDelete}}.  It is ultimately 
called by {{FileSystem.rename}} and {{FileSystem.delete}}.  The sticky bit 
feature is not fully implemented.

  *L2208* - {{ArrayList}} has a default capacity of 10.  Looks like you can 
initialize it with the right capacity after determining the number of files and 
avoid unnecessary copies.

  *L2117* - The default capacity of {{HashMap}} is 16.  I think initializing it 
with a larger capacity (1000) or delaying the initialization until we list the 
children will avoid unnecessary copies.

> Honoring sticky bit during Deletion when authorization is enabled in WASB
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-14768
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14768
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/azure
>            Reporter: Varada Hemeswari
>            Assignee: Varada Hemeswari
>              Labels: fs, secure, wasb
>         Attachments: HADOOP-14768.001.patch, HADOOP-14768.002.patch, 
> HADOOP-14768.003.patch, HADOOP-14768.003.patch, HADOOP-14768.004.patch
>
>
> When authorization is enabled in WASB filesystem, there is a need for 
> stickybit in cases where multiple users can create files under a shared 
> directory. This additional check for sticky bit is reqired since any user can 
> delete another user's file because the parent has WRITE permission for all 
> users.
> The purpose of this jira is to implement sticky bit equivalent for 'delete' 
> call when authorization is enabled.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to