[
https://issues.apache.org/jira/browse/HDFS-6705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14111707#comment-14111707
]
Yi Liu commented on HDFS-6705:
------------------------------
if the super user is the owner, then it can't access the file?
{quote}
It is settable by any user which has hdfs access to that file.
It can only be set and never removed.
{quote}
Then any user who has hdfs access can easily prevent HDFS admin to access file
and the admin can't access that file any more. Could we find a better way?
> Create an XAttr that disallows the HDFS admin from accessing a file
> -------------------------------------------------------------------
>
> Key: HDFS-6705
> URL: https://issues.apache.org/jira/browse/HDFS-6705
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode, security
> Affects Versions: 3.0.0
> Reporter: Charles Lamb
> Assignee: Charles Lamb
> Attachments: HDFS-6705.001.patch
>
>
> There needs to be an xattr that specifies that the HDFS admin can not access
> a file. This is needed for m/r delegation tokens and data at rest encryption.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
