[ https://issues.apache.org/jira/browse/HADOOP-9006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13494097#comment-13494097 ]
Ivan Mitic commented on HADOOP-9006: ------------------------------------ Thanks Chuan. I already reviewed this patch, so +1 from me. The change builds fine and your test passes. > Winutils should keep Administrators privileges intact > ----------------------------------------------------- > > Key: HADOOP-9006 > URL: https://issues.apache.org/jira/browse/HADOOP-9006 > Project: Hadoop Common > Issue Type: Bug > Affects Versions: 1-win > Reporter: Chuan Liu > Assignee: Chuan Liu > Priority: Minor > Fix For: 1-win > > Attachments: HADOOP-9006-branch-1-win.patch > > > This issue was originally discovered by [~ivanmi]. Cite his words as follows. > {quote} > Current by design behavior is for winutils to ACL the folders only for the > user passed in thru chmod/chown. This causes some un-natural side effects in > cases where Hadoop services run in the context of a non-admin user. For > example, Administrators on the box will no longer be able to: > - delete files created in the context of Hadoop services (other users) > - check the size of the folder where HDFS blocks are stored > {quote} > In my opinion, it is natural for some special accounts on Windows to be able > to access all the folders, including Hadoop folders. This is similar to Linux > in the way root users on Linux can always access any directories regardless > the permissions set the those directories. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira