[jira] [Commented] (HDFS-4434) Provide a mapping from INodeId to INode

Tue, 09 Apr 2013 08:06:18 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-4434?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13626689#comment-13626689
 ] 

Daryn Sharp commented on HDFS-4434:
-----------------------------------

bq.  Exception might print the regular path corresponding to a given inode ID. 
Do you see any issue with it?
Yes.  In some environments, the path name itself might be enough to divulge 
sensitive information.  There are two cases to consider:
# If a directory allows listing, but child paths are not readable, then 
allowing arbitrary inode resolution is ok because the user could see the paths 
anyway.
# If the directory denies access, then we should ensure that no operation will 
expose the path names because the user isn't supposed to be able to see them.

bq.  the exception will not give you any an additional info as long *as the 
exception does not returns the full path*
Yes, exactly my concern, per #2 above.  Some operations appear to check 
preconditions before using the permission checker, or resolve before checking 
safemode - and then throw exceptions with the resolved path.  Ex. mkdir, 
append, lease recovery, completeFile, rename, delete, and probably others will 
divulge paths.

Concat doesn't appear to handle inode paths.  Does lease renewal work for inode 
paths?
                
> Provide a mapping from INodeId to INode
> ---------------------------------------
>
>                 Key: HDFS-4434
>                 URL: https://issues.apache.org/jira/browse/HDFS-4434
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode
>    Affects Versions: 3.0.0
>            Reporter: Brandon Li
>            Assignee: Suresh Srinivas
>         Attachments: HDFS-4434.patch, HDFS-4434.patch, HDFS-4434.patch, 
> HDFS-4434.patch, HDFS-4434.patch, HDFS-4434.patch, HDFS-4434.patch, 
> HDFS-4434.patch, HDFS-4434.patch, HDFS-4434.patch, HDFS-4434.patch, 
> HDFS-4434.patch, HDFS-4434.patch, HDFS-4434.patch, HDFS-4434.patch, 
> HDFS-4434.patch, HDFS-4434.patch
>
>
> This JIRA is to provide a way to access the INode via its id. The proposed 
> solution is to have an in-memory mapping from INodeId to INode. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to