[
https://issues.apache.org/jira/browse/HDFS-16004?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18042032#comment-18042032
]
ASF GitHub Bot commented on HDFS-16004:
---------------------------------------
github-actions[bot] closed pull request #2966: HDFS-16004.startLogSegment and
journal in BackupNode lack Permission …
URL: https://github.com/apache/hadoop/pull/2966
> QJournal lack Permission check.
> --------------------------------
>
> Key: HDFS-16004
> URL: https://issues.apache.org/jira/browse/HDFS-16004
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: lujie
> Assignee: lujie
> Priority: Critical
> Labels: pull-request-available
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> BackupNode and QJournal lack Permission check, as BackupNode will be removed
> in the future, will not fix it.
>
> below is origin description.
>
> {color:#c1c7d0}I have some doubt when i configurate secure HDFS. I know we
> have Service Level Authorization for protocols like
> NamenodeProtocol,DatanodeProtocol and so on.{color}
> {color:#c1c7d0} But i do not find such Authorization for JournalProtocol
> after reading the code in HDFSPolicyProvider. And if we have, how can i
> configurate such Authorization?{color}
> {color:#c1c7d0} {color}
> {color:#c1c7d0} Besides even NamenodeProtocol has Service Level
> Authorization, its methods still have Permission check. Take startCheckpoint
> in NameNodeRpcServer who implemented NamenodeProtocol for example:{color}
> {color:#c1c7d0} {color}
> {color:#c1c7d0} _public NamenodeCommand startCheckpoint(NamenodeRegistration
> registration)_{color}
> {color:#c1c7d0} _throws IOException {_{color}
> {color:#c1c7d0} _String operationName = "startCheckpoint";_{color}
> {color:#c1c7d0} _checkNNStartup();_{color}
> {color:#c1c7d0}
> _namesystem.checkSuperuserPrivilege(operationName);{color}_
> _......_
> {color:#c1c7d0} {color}
> {color:#c1c7d0} I found that the methods in BackupNodeRpcServer who
> implemented JournalProtocol lack of such Permission check. See below:{color}
> {color:#c1c7d0} {color}
> {color:#c1c7d0} {color}
> {color:#c1c7d0} _public void startLogSegment(JournalInfo journalInfo,
> long epoch,_{color}
> {color:#c1c7d0} _long txid) throws IOException {_{color}
> {color:#c1c7d0}
> _namesystem.checkOperation(OperationCategory.JOURNAL);_{color}
> {color:#c1c7d0} _verifyJournalRequest(journalInfo);_{color}
> {color:#c1c7d0} _getBNImage().namenodeStartedLogSegment(txid);_{color}
> {color:#c1c7d0} _}_{color}
> {color:#c1c7d0} {color}
> {color:#c1c7d0} _@Override_{color}
> {color:#c1c7d0} _public void journal(JournalInfo journalInfo, long
> epoch, long firstTxId,_{color}
> {color:#c1c7d0} _int numTxns, byte[] records) throws IOException
> {_{color}
> {color:#c1c7d0}
> _namesystem.checkOperation(OperationCategory.JOURNAL);_{color}
> {color:#c1c7d0} _verifyJournalRequest(journalInfo);_{color}
> {color:#c1c7d0} _getBNImage().journal(firstTxId, numTxns,
> records);_{color}
> {color:#c1c7d0} _}_{color}
> {color:#c1c7d0} {color}
> {color:#c1c7d0} Do we need add Permission check for them?{color}
> {color:#c1c7d0} {color}
> {color:#c1c7d0} Please point out my mistakes if i am wrong or miss
> something. {color}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
