[
https://issues.apache.org/jira/browse/HDFS-6824?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14086971#comment-14086971
]
Andrew Wang commented on HDFS-6824:
-----------------------------------
[~tucu00] relayed a few clarifications he'd like here too:
{quote}
HDFS never stores or has access to unencrypted data or *unencrypted* data
encryption keys.
A rogue user can collect keys to *files they have access to*, and use them
later to decrypt encrypted *data of that file*.
*As the user had access to the file, he already had access to the file
contents*.
{quote}
> Additional user documentation for HDFS encryption.
> --------------------------------------------------
>
> Key: HDFS-6824
> URL: https://issues.apache.org/jira/browse/HDFS-6824
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: documentation
> Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
> Reporter: Andrew Wang
> Assignee: Andrew Wang
> Priority: Minor
>
> We'd like to better document additional things about HDFS encryption: setup
> and configuration, using alternate access methods (namely WebHDFS and
> HttpFS), other misc improvements.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
