[ https://issues.apache.org/jira/browse/HDFS-15051?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16995751#comment-16995751 ]
Xiaoqiao He commented on HDFS-15051: ------------------------------------ Hi [~elgoiri], Thanks for your use case. [^HDFS-15051.002.patch] try to fix the permission check as following rules with unit test to cover #updateMountTableEntry method. a. For #addMountTableEntry, try to check parent mount point write permission then add mount point if check pass. b. For #updateMountTableEntry, try to check the current mount point write permission then update mount point if check pass. c. For #removeMountTableEntry, I believe it is correct and without any changes. BTW, I want to state that I prefer to grant the MountTable operation privilege to superuser/admin only, even attach patch and try to fix this issue.If that, it will be more simple and controllable in my opinion. Welcome more suggestions and discussion. Thanks. > RBF: Propose to revoke WRITE MountTableEntry privilege to super user only > ------------------------------------------------------------------------- > > Key: HDFS-15051 > URL: https://issues.apache.org/jira/browse/HDFS-15051 > Project: Hadoop HDFS > Issue Type: Sub-task > Components: rbf > Reporter: Xiaoqiao He > Assignee: Xiaoqiao He > Priority: Major > Attachments: HDFS-15051.001.patch, HDFS-15051.002.patch > > > The current permission checker of #MountTableStoreImpl is not very restrict. > In some case, any user could add/update/remove MountTableEntry without the > expected permission checking. > The following code segment try to check permission when operate > MountTableEntry, however mountTable object is from Client/RouterAdmin > {{MountTable mountTable = request.getEntry();}}, and user could pass any mode > which could bypass the permission checker. > {code:java} > public void checkPermission(MountTable mountTable, FsAction access) > throws AccessControlException { > if (isSuperUser()) { > return; > } > FsPermission mode = mountTable.getMode(); > if (getUser().equals(mountTable.getOwnerName()) > && mode.getUserAction().implies(access)) { > return; > } > if (isMemberOfGroup(mountTable.getGroupName()) > && mode.getGroupAction().implies(access)) { > return; > } > if (!getUser().equals(mountTable.getOwnerName()) > && !isMemberOfGroup(mountTable.getGroupName()) > && mode.getOtherAction().implies(access)) { > return; > } > throw new AccessControlException( > "Permission denied while accessing mount table " > + mountTable.getSourcePath() > + ": user " + getUser() + " does not have " + access.toString() > + " permissions."); > } > {code} > I just propose revoke WRITE MountTableEntry privilege to super user only. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org