[
https://issues.apache.org/jira/browse/HDFS-6705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14113688#comment-14113688
]
Charles Lamb commented on HDFS-6705:
------------------------------------
[~hitliuyi],
{quote}
if the super user is the owner, then it can't access the file?
{quote}
Yes, that's the intended behavior.
{quote}
It is settable by any user which has hdfs access to that file.
It can only be set and never removed.
Then any user who has hdfs access can easily prevent HDFS admin to access file
and the admin can't access that file any more. Could we find a better way?
{quote}
The xattr only prevents read access to the contents and is specifically
intended to prevent the superuser from accessing the file. I realize that the
current patch prevents read and write access to the file. Based on
[~andrew.wang]'s comments, I'm going to change it to only restrict read access,
not write access. The superuser will still have access to the meta data
(xattrs, perms, etc.) so they can chown, chmod, etc.
It's unfortunate that the superuser could lock themselves out of a file, but it
needs to be that way or else the root could just chown a users file to root and
then read it.
> Create an XAttr that disallows the HDFS admin from accessing a file
> -------------------------------------------------------------------
>
> Key: HDFS-6705
> URL: https://issues.apache.org/jira/browse/HDFS-6705
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode, security
> Affects Versions: 3.0.0
> Reporter: Charles Lamb
> Assignee: Charles Lamb
> Attachments: HDFS-6705.001.patch
>
>
> There needs to be an xattr that specifies that the HDFS admin can not access
> a file. This is needed for m/r delegation tokens and data at rest encryption.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
