[jira] [Commented] (HADOOP-14768) Honoring sticky bit during Deletion when authorization is enabled in WASB

Thu, 21 Sep 2017 09:50:01 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-14768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16175083#comment-16175083
 ] 

Thomas Marquardt commented on HADOOP-14768:
-------------------------------------------

I think the risk of regression is medium, on a scale of low, medium, high.  
With medium to high risk changes I recommend using a configuration option to 
enable the feature so that it does not impact users who are not using the new 
feature.  I think we can do that here, and branch the delete function to go 
down the legacy path or the new path when sticky bit support is enabled.  Also, 
since sticky bit is not fully implemented, I don't think we need to have it 
enabled by default.  In particular, I'm concerned about functional regressions 
and the performance impact of checking for the sticky bit, especially the cost 
incurred within {{getFolderContentsToDelete}} and 
{{getImmediateChildrenMetadata}}.  Using config would allow us to get some 
feedback on the new feature and its performance.

> Honoring sticky bit during Deletion when authorization is enabled in WASB
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-14768
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14768
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/azure
>            Reporter: Varada Hemeswari
>            Assignee: Varada Hemeswari
>              Labels: fs, secure, wasb
>         Attachments: HADOOP-14768.001.patch, HADOOP-14768.002.patch, 
> HADOOP-14768.003.patch, HADOOP-14768.003.patch, HADOOP-14768.004.patch, 
> HADOOP-14768.004.patch
>
>
> When authorization is enabled in WASB filesystem, there is a need for 
> stickybit in cases where multiple users can create files under a shared 
> directory. This additional check for sticky bit is reqired since any user can 
> delete another user's file because the parent has WRITE permission for all 
> users.
> The purpose of this jira is to implement sticky bit equivalent for 'delete' 
> call when authorization is enabled.
> Note : Sticky bit implementation for 'Rename' operation is not done as part 
> of this JIRA



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to