[
https://issues.apache.org/jira/browse/HADOOP-2543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12559165#action_12559165
]
Doug Cutting commented on HADOOP-2543:
--------------------------------------
> setting x77 means that there is a potential window where missed files can be
> co-opted by someone who shouldn't have them.
Like all files are today? I don't follow. We currently have zero security.
The security we're adding in this release is easy to subvert and mostly to keep
folks from shooting themselves in the foot. Keeping the "window" that's wide
open today open a bit longer doesn't significantly compromise anything.
> all those requiring backwards compatibility should just keep perms turned off.
We want folks to be able to upgrade, then use new features, without jumping
through hoops. Hoops should be optional. If you wish to be able to configure a
non-777 permission for after upgrade, that would be a reasonable feature, but
777 should be the default.
So perhaps we need a dfs.initial.permission parameter, used by the upgrade,
whose default value is 777, but that you can override along with setting
dfs.permissions=false, to support the upgrade procedure you desire. But I
don't think we should force all installations through that procedure in order
to get a usable system. We know from experience that most folks just install
the new version and expect things to work out of the box. When they don't they
file bugs.
> No-permission-checking mode for smooth transition to 0.16's permissions
> features.
> ----------------------------------------------------------------------------------
>
> Key: HADOOP-2543
> URL: https://issues.apache.org/jira/browse/HADOOP-2543
> Project: Hadoop
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.15.1
> Reporter: Sanjay Radia
> Assignee: Hairong Kuang
> Fix For: 0.16.0
>
>
> In moving to 0.16, which will support permissions, a mode of no-permission
> checking has been proposed to allow smooth transition to using the new
> permissions feature.
> The idea is that at first 0.16 will be used for a period of time with
> permission checking off.
> Later after the admin has changed ownership and permissions of various files,
> the permission checking can be turned off.
> This Jira defines what the semantics are of the no-permission-checking mode.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
