[ https://issues.apache.org/jira/browse/HDFS-10276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yongjun Zhang updated HDFS-10276: --------------------------------- Resolution: Fixed Hadoop Flags: Reviewed Fix Version/s: 2.8.0 Status: Resolved (was: Patch Available) Committed to trunk, branch-2, branch-2.8. Thanks [~yuanbo] for the contribution and other folks for the review and discussion. > HDFS should not expose path info that user has no permission to see. > -------------------------------------------------------------------- > > Key: HDFS-10276 > URL: https://issues.apache.org/jira/browse/HDFS-10276 > Project: Hadoop HDFS > Issue Type: Bug > Reporter: Kevin Cox > Assignee: Yuanbo Liu > Fix For: 2.8.0 > > Attachments: HDFS-10276.001.patch, HDFS-10276.002.patch, > HDFS-10276.003.patch, HDFS-10276.004.patch, HDFS-10276.005.patch, > HDFS-10276.006.patch > > > This following issue is remedied by HDFS-5802. > {quote} > Given you have a file {{/file}} an existence check for the path > {{/file/whatever}} will give different responses for different > implementations of FileSystem. > LocalFileSystem will return false while DistributedFileSystem will throw > {{org.apache.hadoop.security.AccessControlException: Permission denied: ..., > access=EXECUTE, ...}} > {quote} > However, HDFS-5802 may expose information about a path that user doesn't have > permission to see. > For example, if the user asks for /a/b/c, but does not have permission to > list /a, we should not complain about /a/b -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org