[
https://issues.apache.org/jira/browse/FALCON-851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14195556#comment-14195556
]
Srikanth Sundarrajan commented on FALCON-851:
---------------------------------------------
{code}
+ FileSystem fileSystem =
HadoopClientFactory.get().createProxiedFileSystem(
+ getConf(), feed.getACL());
{code}
Can we avoid this method and instead build config based on ConfigurationHelper
{code}
+ String aclGroup = acl.getGroup();
...
+ if (!groups.contains(aclGroup)) {
{code}
Shouldn't group be a list? Would it not be possible for a owner to give
permission to access the entity when not belonging to a group ?
{code}
+ public FileSystem createProxiedFileSystem(final URI uri,
+ final Configuration conf,
+ final AccessControlList acl)
throws FalconException {
{code}
Can perhaps be avoided if the configuration already has the requisition
properties filled in. Somehow accepting an ACL for creating a file system seems
to indicate that some permission params are passed to create the FS, while they
are only being passed to set default umask.
> Super user authorization is broken
> ----------------------------------
>
> Key: FALCON-851
> URL: https://issues.apache.org/jira/browse/FALCON-851
> Project: Falcon
> Issue Type: Bug
> Affects Versions: 0.6
> Reporter: Venkatesh Seetharam
> Assignee: Venkatesh Seetharam
> Priority: Blocker
> Labels: authorization
> Fix For: 0.6
>
> Attachments: FALCON-851-v1.patch, FALCON-851.patch
>
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
