[ https://issues.apache.org/jira/browse/NIFI-7884?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann reassigned NIFI-7884: -------------------------------------- Assignee: David Handermann > Separate "read-filesystem" restricted permission into local file system and > HDFS file system permissions > -------------------------------------------------------------------------------------------------------- > > Key: NIFI-7884 > URL: https://issues.apache.org/jira/browse/NIFI-7884 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework, Extensions > Affects Versions: 1.12.1 > Reporter: Andy LoPresto > Assignee: David Handermann > Priority: Major > Labels: file-system, hdfs, restricted, security > > Currently the {{read-filesystem}} value for {{RequiredPermission}} is used > for both the processors which read directly from the local file system of the > machine hosting NiFi ({{GetFile}}, {{ListFile}}, etc.) and the processors > which read from external file systems like HDFS ({{GetHDFS}}, {{PutHDFS}}, > etc.). There are use cases where NiFi users should be able to interact with > the HDFS file system without having permissions to access the local file > system. > This will also require introducing a global setting in {{nifi.properties}} > that an admin can set to allow local file system access via the HDFS > processors (default {{true}} for backward compatibility), and additional > validation logic in the HDFS processors (ideally the abstract shared logic) > to ensure that if this setting is disabled, the HDFS processors are not > accessing the local file system via the {{file:///}} protocol in their > configuration. -- This message was sent by Atlassian Jira (v8.3.4#803005)