[jira] [Commented] (HDFS-15051) RBF: Propose to revoke WRITE MountTableEntry privilege to super user only

Mon, 30 Dec 2019 08:02:12 -0800 


    [ 
https://issues.apache.org/jira/browse/HDFS-15051?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17005417#comment-17005417
 ] 

Xiaoqiao He commented on HDFS-15051:
------------------------------------

[~ayushtkn],[~elgoiri], v007 try to check write permission about the nearest 
parent mount table entry and other ancestor entries execute permission if exist 
when add mount table entry. Please take another reviews. Thanks.

> RBF: Propose to revoke WRITE MountTableEntry privilege to super user only
> -------------------------------------------------------------------------
>
>                 Key: HDFS-15051
>                 URL: https://issues.apache.org/jira/browse/HDFS-15051
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: rbf
>            Reporter: Xiaoqiao He
>            Assignee: Xiaoqiao He
>            Priority: Major
>         Attachments: HDFS-15051.001.patch, HDFS-15051.002.patch, 
> HDFS-15051.003.patch, HDFS-15051.004.patch, HDFS-15051.005.patch, 
> HDFS-15051.006.patch, HDFS-15051.007.patch
>
>
> The current permission checker of #MountTableStoreImpl is not very restrict. 
> In some case, any user could add/update/remove MountTableEntry without the 
> expected permission checking.
> The following code segment try to check permission when operate 
> MountTableEntry, however mountTable object is from Client/RouterAdmin 
> {{MountTable mountTable = request.getEntry();}}, and user could pass any mode 
> which could bypass the permission checker.
> {code:java}
>   public void checkPermission(MountTable mountTable, FsAction access)
>       throws AccessControlException {
>     if (isSuperUser()) {
>       return;
>     }
>     FsPermission mode = mountTable.getMode();
>     if (getUser().equals(mountTable.getOwnerName())
>         && mode.getUserAction().implies(access)) {
>       return;
>     }
>     if (isMemberOfGroup(mountTable.getGroupName())
>         && mode.getGroupAction().implies(access)) {
>       return;
>     }
>     if (!getUser().equals(mountTable.getOwnerName())
>         && !isMemberOfGroup(mountTable.getGroupName())
>         && mode.getOtherAction().implies(access)) {
>       return;
>     }
>     throw new AccessControlException(
>         "Permission denied while accessing mount table "
>             + mountTable.getSourcePath()
>             + ": user " + getUser() + " does not have " + access.toString()
>             + " permissions.");
>   }
> {code}
> I just propose revoke WRITE MountTableEntry privilege to super user only.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

Reply via email to