bypassExtAttr

Yongjun Zhang (JIRA) Wed, 23 Aug 2017 08:16:32 -0700

    [ 
https://issues.apache.org/jira/browse/HDFS-12295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16138480#comment-16138480
 ]


Yongjun Zhang commented on HDFS-12295:
--------------------------------------

Hi [~chris.douglas],

One problem is, AccessControlEnforcer in INodeAttributeProvider does access 
external attribute provider for attributes for permission checking.

This might be an issue, say, we have two users: userX is who issue the copy 
command, copyUser is the dedicated user that runs copy for userX.

userX runs the copy, by sending the request to copyUser, the copy is going to 
be run as copyUser. If external provider disallows userX to access a certain 
file, but hdfs allows, then we still can copy the file. 

My original thinking about HDFS-12202 and HDFS-12295 approaches was, when we do 
permission checking, we still get the attributes from external provider, but 
when we copy the attributes, we get from HDFS.

If we simply claim that external attribute provider does't control file access 
when we do copy, that would be fine. But from a user's perspective, is it ok to 
ignore external provider for permission checking?

I'm also looking into how to effectively/correctly detect the copyUser at NN 
side.

Thanks.




> NameNode to support file path prefix /.reserved/bypassExtAttr
> -------------------------------------------------------------
>
>                 Key: HDFS-12295
>                 URL: https://issues.apache.org/jira/browse/HDFS-12295
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: hdfs, namenode
>            Reporter: Yongjun Zhang
>            Assignee: Yongjun Zhang
>         Attachments: HDFS-12295.001.patch, HDFS-12295.001.patch
>
>
> Let NameNode to support prefix /.reserved/bypassExtAttr, so client can add 
> thisprefix to a path before calling getFileStatus, e.g. /ab/c becomes 
> /.reserved/bypassExtAttr/a/b/c. NN will parse the path at the very beginning, 
> and bypass external attribute provider if the prefix is there.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (HDFS-12295) NameNode to support file path prefix /.reserved/bypassExtAttr

Reply via email to