[
https://issues.apache.org/jira/browse/HDFS-8736?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14619894#comment-14619894
]
Owen O'Malley commented on HDFS-8736:
-------------------------------------
I agree with Allen. Preventing access to the LocalFileSystem doesn't help
anything. The Hadoop security model depends on having unix user ids or more
recently Linux containers.
> ability to deny access to different filesystems
> -----------------------------------------------
>
> Key: HDFS-8736
> URL: https://issues.apache.org/jira/browse/HDFS-8736
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.5.0
> Reporter: Purvesh Patel
> Priority: Minor
> Labels: security
> Attachments: Patch.pdf
>
>
> In order to run in a secure context, ability to deny access to different
> filesystems(specifically the local file system) to non-trusted code this
> patch adds a new SecurityPermission class(AccessFileSystemPermission) and
> checks the permission in FileSystem#get before returning a cached file system
> or creating a new one. Please see attached patch.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
