[jira] [Commented] (HDFS-15051) RBF: Propose to revoke WRITE MountTableEntry privilege to super user only

Tue, 31 Mar 2020 22:27:39 -0700 


    [ 
https://issues.apache.org/jira/browse/HDFS-15051?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17072393#comment-17072393
 ] 

Xiaoqiao He commented on HDFS-15051:
------------------------------------

Thanks [~ayushtkn] and [~elgoiri] for your comments. v010 add javadoc for 
#addMountTableEntry and remove returns of #checkMountTablePermission, also 
rename to #checkMountTableEntryPermission. PTAL. Thanks.

> RBF: Propose to revoke WRITE MountTableEntry privilege to super user only
> -------------------------------------------------------------------------
>
>                 Key: HDFS-15051
>                 URL: https://issues.apache.org/jira/browse/HDFS-15051
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: rbf
>            Reporter: Xiaoqiao He
>            Assignee: Xiaoqiao He
>            Priority: Major
>         Attachments: HDFS-15051.001.patch, HDFS-15051.002.patch, 
> HDFS-15051.003.patch, HDFS-15051.004.patch, HDFS-15051.005.patch, 
> HDFS-15051.006.patch, HDFS-15051.007.patch, HDFS-15051.008.patch, 
> HDFS-15051.009.patch, HDFS-15051.010.patch
>
>
> The current permission checker of #MountTableStoreImpl is not very restrict. 
> In some case, any user could add/update/remove MountTableEntry without the 
> expected permission checking.
> The following code segment try to check permission when operate 
> MountTableEntry, however mountTable object is from Client/RouterAdmin 
> {{MountTable mountTable = request.getEntry();}}, and user could pass any mode 
> which could bypass the permission checker.
> {code:java}
>   public void checkPermission(MountTable mountTable, FsAction access)
>       throws AccessControlException {
>     if (isSuperUser()) {
>       return;
>     }
>     FsPermission mode = mountTable.getMode();
>     if (getUser().equals(mountTable.getOwnerName())
>         && mode.getUserAction().implies(access)) {
>       return;
>     }
>     if (isMemberOfGroup(mountTable.getGroupName())
>         && mode.getGroupAction().implies(access)) {
>       return;
>     }
>     if (!getUser().equals(mountTable.getOwnerName())
>         && !isMemberOfGroup(mountTable.getGroupName())
>         && mode.getOtherAction().implies(access)) {
>       return;
>     }
>     throw new AccessControlException(
>         "Permission denied while accessing mount table "
>             + mountTable.getSourcePath()
>             + ": user " + getUser() + " does not have " + access.toString()
>             + " permissions.");
>   }
> {code}
> I just propose revoke WRITE MountTableEntry privilege to super user only.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to