[jira] Commented: (HADOOP-2659) The commands in DFSAdmin should require admin privilege

Fri, 18 Jan 2008 15:39:57 -0800 

    [ 
https://issues.apache.org/jira/browse/HADOOP-2659?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12560604#action_12560604
 ] 

Konstantin Shvachko commented on HADOOP-2659:
---------------------------------------------

- renewLease() does not seem to be ab admin command.
- distributedUpgradeProgress() is called by DFSAdmin and by JspHelper. 
In the DFSAdmin case it should be protected, but web UI does not need to have 
have super-user privileges. 
For consistency I would propose just to treat this operation available to all 
users in all cases.
I do not see how knowing the upgrade stage can threaten the system security. Or 
does it?
- I'd prefer a full name checkSuperuserPermissions() instead of checkIsSuper().
- import of FSConstants.SafeModeAction is redundant because FSNamesystem 
inherits FSConstants.

> The commands in DFSAdmin should require admin privilege
> -------------------------------------------------------
>
>                 Key: HADOOP-2659
>                 URL: https://issues.apache.org/jira/browse/HADOOP-2659
>             Project: Hadoop
>          Issue Type: Bug
>          Components: dfs
>            Reporter: Tsz Wo (Nicholas), SZE
>            Assignee: Tsz Wo (Nicholas), SZE
>         Attachments: 2659_20080118.patch
>
>
> The commands in DFSAdmin and the corresponding RPC calls should require admin 
> privilege.
> DFSAdmin commands:
> -report
> -safemode
> -refreshNodes
> -finalizeUpgrade
> -upgradeProgress
> -metasave
> ClientProtocol:
> {code}
> public void renewLease(String clientName) throws IOException;
> public long[] getStats() throws IOException;
> public DatanodeInfo[] getDatanodeReport(FSConstants.DatanodeReportType type) 
> throws IOException;
> public boolean setSafeMode(FSConstants.SafeModeAction action) throws 
> IOException;
> public void refreshNodes() throws IOException;
> public void finalizeUpgrade() throws IOException;
> public UpgradeStatusReport distributedUpgradeProgress(UpgradeAction action) 
> throws IOException;
> public void metaSave(String filename) throws IOException;
> {code}

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to