Xiaoqiao He created HDFS-15051:
----------------------------------
Summary: Propose to revoke WRITE MountTableEntry privilege to
super user only
Key: HDFS-15051
URL: https://issues.apache.org/jira/browse/HDFS-15051
Project: Hadoop HDFS
Issue Type: Sub-task
Components: rbf
Reporter: Xiaoqiao He
Assignee: Xiaoqiao He
The current permission checker of #MountTableStoreImpl is not very restrict. In
some case, any user could add/update/remove MountTableEntry without the
expected permission checking.
The following code segment try to check permission when operate
MountTableEntry, however mountTable object is from Client/RouterAdmin
{{MountTable mountTable = request.getEntry();}}, and user could pass any mode
which could bypass the permission checker.
{code:java}
public void checkPermission(MountTable mountTable, FsAction access)
throws AccessControlException {
if (isSuperUser()) {
return;
}
FsPermission mode = mountTable.getMode();
if (getUser().equals(mountTable.getOwnerName())
&& mode.getUserAction().implies(access)) {
return;
}
if (isMemberOfGroup(mountTable.getGroupName())
&& mode.getGroupAction().implies(access)) {
return;
}
if (!getUser().equals(mountTable.getOwnerName())
&& !isMemberOfGroup(mountTable.getGroupName())
&& mode.getOtherAction().implies(access)) {
return;
}
throw new AccessControlException(
"Permission denied while accessing mount table "
+ mountTable.getSourcePath()
+ ": user " + getUser() + " does not have " + access.toString()
+ " permissions.");
}
{code}
I just propose revoke WRITE MountTableEntry privilege to super user only.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-h...@hadoop.apache.org
