[
https://issues.apache.org/jira/browse/HADOOP-1298?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12521636
]
Christophe Taton commented on HADOOP-1298:
------------------------------------------
Some answers:
- I'll correct POSIXFilePermission.implies().
- The POSIX execution right should matter when accessing to directories.
Strictly speaking, the read right allows you to list the content of a
directory, but does not allow you to open any file it contains, while the
execution right does not allow you to list the content of a directory, but
allow you to open a file it contains (provided you already know its name!)...
Even if in our case I merged execution and read and ignore execution (to
simplify the patch...), I should quite easily be able to extend this to fully
comply with POSIX.
- ok for SimpleTicket
- I'll remove the checks for these specific entities
- I changed RPC as I did not think of any _clean_ way to retrieve the access
control exception on the client-side. The AccessControlException actually
happens on the server-side, is then converted into a IOException that contains
a string, serialized through an ObjectWritable to the client. It is hard, from
my point of view, to get the AccessControlException back from this client-side
regenerated IOException. Moreover, the change in RPC is very small :)
- I agree for Tickets validation; what would be the data to submit to
Ticket.validate()?
I have to redesign some things as the last commits have changed the INode tree
a lot.
I'll send a new patch soon.
Thanks a lot for your comments!
> adding user info to file
> ------------------------
>
> Key: HADOOP-1298
> URL: https://issues.apache.org/jira/browse/HADOOP-1298
> Project: Hadoop
> Issue Type: New Feature
> Components: dfs, fs
> Reporter: Kurtis Heimerl
> Assignee: Christophe Taton
> Fix For: 0.15.0
>
> Attachments: 1298_20070820a-1298only.patch,
> 1298_20070820a-full.patch, hadoop-user-munncha.patch17, layout20070731.patch
>
>
> I'm working on adding a permissions model to hadoop's DFS. The first step is
> this change, which associates user info with files. Following this I'll
> assoicate permissions info, then block methods based on that user info, then
> authorization of the user info.
> So, right now i've implemented adding user info to files. I'm looking for
> feedback before I clean this up and make it offical.
> I wasn't sure what release, i'm working off trunk.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
