[
https://issues.apache.org/jira/browse/HADOOP-14935?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16203207#comment-16203207
]
Santhosh G Nayak commented on HADOOP-14935:
-------------------------------------------
[~tmarquardt], according to HDFS permissions guide, traversal check is required
for all the operations. But, wasb authorization permission spec does not have
traversal check. The main reason to use READ as a substitute to traversal as a
*compromise* was to have a protection against wrongly diagnosed security issue
with hive. Now that it is clearly understood that the same security issue can
be resolved using the implementation of {{access()}} method in
{{NativeAzureFileSystem}}, authorization check from {{getFileStatus()}} alone
can be removed.
However, it is not understood, if {{getFileStatus()}} is used instead of
{{access()}} in other applications. So, the main motivation to add
{{fs.azure.enable.authorization.getfilestatus}} is to be able to *reintroduce
authorization check for {{getFileStatus()}}* easily, if security related issues
are exposed in other applications in authorization enabled secure cluster
without having to change the code which involves longer turn around time. This
cannot be achieved using {{azure Authorization}} configuration alone, as it is
meant for all the file system operations. I hope this clarifies the confusion.
> Azure: POSIX permissions are taking effect in access() method even when
> authorization is enabled
> ------------------------------------------------------------------------------------------------
>
> Key: HADOOP-14935
> URL: https://issues.apache.org/jira/browse/HADOOP-14935
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/azure
> Affects Versions: 2.9.0
> Reporter: Santhosh G Nayak
> Assignee: Santhosh G Nayak
> Attachments: HADOOP-14935-003.patch, HADOOP-14935-004.patch,
> HADOOP-14935.1.patch, HADOOP-14935.2.patch
>
>
> FileSystem implementation class for azure i.e. {{NativeAzureFileSystem}} does
> not override {{access(path,mode)}} method and uses the default implementation
> from the base class. This base implementaion uses the POSIX permissions to
> check if the requested user has access to given path or not even when
> authorization is enabled, which is incorrect.
> {{NativeAzureFileSystem.access()}} in authorization enabled mode should use
> the authorization mechanism provided instead of relying on the POSIX
> permission ons. So the proposal is to override {{FileSystem.access()}} method
> in {{NativeAzureFileSystem}} such that it honors the authorization mechanism
> configured in authorization enabled mode and falls back to POSIX permissions
> otherwise.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
