Alejandro Abdelnur created HDFS-6393:
----------------------------------------
Summary: User settable xAttr to stop HDFS admins from
reading/chowning a file
Key: HDFS-6393
URL: https://issues.apache.org/jira/browse/HDFS-6393
Project: Hadoop HDFS
Issue Type: Sub-task
Components: namenode, security
Reporter: Alejandro Abdelnur
Assignee: Charles Lamb
A user should be able to an xAttr on any file in HDFS to stop an HDFS admin
user from reading the file. The blacklist for chown/chgrp would also e enforced.
This will stop an HDFS admin from aging access to job token files and getting
HDFS DelegationTokens that would allow him/her to read an encrypted file.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
