[jira] Updated: (HADOOP-4359) Access Token: Support for data access authorization checking on DataNodes

Wed, 27 May 2009 18:54:12 -0700 

     [ 
https://issues.apache.org/jira/browse/HADOOP-4359?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kan Zhang updated HADOOP-4359:
------------------------------

    Summary: Access Token: Support for data access authorization checking on 
DataNodes  (was: Support for data access authorization checking on DataNodes)

> Access Token: Support for data access authorization checking on DataNodes
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-4359
>                 URL: https://issues.apache.org/jira/browse/HADOOP-4359
>             Project: Hadoop Core
>          Issue Type: New Feature
>          Components: dfs
>    Affects Versions: 0.20.0
>            Reporter: Kan Zhang
>            Assignee: Kan Zhang
>             Fix For: 0.21.0
>
>         Attachments: AccessTokenDesign1.pdf, at13.patch, at19.patch, 
> at31.patch, at33.patch, at34.patch, at35.patch, at36.patch, at37.patch, 
> at38.patch, at39.patch, at40.patch
>
>
> Currently, DataNodes do not enforce any access control on accesses to its 
> data blocks. This makes it possible for an unauthorized client to read a data 
> block as long as she can supply its block ID. It's also possible for anyone 
> to write arbitrary data blocks to DataNodes. 
> When users request file accesses on the NameNode, file permission checking 
> takes place. Authorization decisions are made with regard to whether the 
> requested accesses to those files (and implicitly, to their corresponding 
> data blocks) are permitted. However, when it comes to subsequent data block 
> accesses on the DataNodes, those authorization decisions are not made 
> available to the DataNodes and consequently, such accesses are not verified. 
> Datanodes are not capable of reaching those decisions independently since 
> they don't have concepts of files, let alone file permissions.
> In order to implement data access policies consistently across HDFS services, 
> there is a need for a mechanism by which authorization decisions made on the 
> NameNode can be faithfully enforced on the DataNodes and any unauthorized 
> access is declined.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to