[
https://issues.apache.org/jira/browse/HDFS-6393?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Charles Lamb updated HDFS-6393:
-------------------------------
Description:
A user should be able to set an xAttr on any file in HDFS to stop an HDFS admin
user from reading the file. The blacklist for chown/chgrp would also enforced.
This will stop an HDFS admin from aging access to job token files and getting
HDFS DelegationTokens that would allow him/her to read an encrypted file.
was:
A user should be able to an xAttr on any file in HDFS to stop an HDFS admin
user from reading the file. The blacklist for chown/chgrp would also e enforced.
This will stop an HDFS admin from aging access to job token files and getting
HDFS DelegationTokens that would allow him/her to read an encrypted file.
> User settable xAttr to stop HDFS admins from reading/chowning a file
> --------------------------------------------------------------------
>
> Key: HDFS-6393
> URL: https://issues.apache.org/jira/browse/HDFS-6393
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode, security
> Reporter: Alejandro Abdelnur
> Assignee: Charles Lamb
>
> A user should be able to set an xAttr on any file in HDFS to stop an HDFS
> admin user from reading the file. The blacklist for chown/chgrp would also
> enforced.
> This will stop an HDFS admin from aging access to job token files and getting
> HDFS DelegationTokens that would allow him/her to read an encrypted file.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
