[jira] [Updated] (HDDS-4335) No user access checks in Ozone FS

[Neil Joshi (Jira)]

     [ 
https://issues.apache.org/jira/browse/HDDS-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Neil Joshi updated HDDS-4335:
-----------------------------
    Attachment: bucket_creation_user1.png

> No user access checks in Ozone FS
> ---------------------------------
>
>                 Key: HDDS-4335
>                 URL: https://issues.apache.org/jira/browse/HDDS-4335
>             Project: Apache Ozone
>          Issue Type: Bug
>            Reporter: Shashikant Banerjee
>            Assignee: Neil Joshi
>            Priority: Major
>
> Currently, a dir/file created with hdfs user cab be deleted by any user.
> {code:java}
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ sudo -u hdfs ozone 
> fs -mkdir o3fs://bucket1.vol1.ozone1/data/sandbox/poc/teragen
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ sudo -u hdfs ozone 
> fs -ls o3fs://bucket1.vol1.ozone1/data/sandbox/poc/teragen
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ sudo -u hdfs ozone 
> fs -ls o3fs://bucket1.vol1.ozone1/data/sandbox/poc/
> Found 1 items
> drwxrwxrwx   - hdfs hdfs          0 2020-10-12 02:51 
> o3fs://bucket1.vol1.ozone1/data/sandbox/poc/teragen
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ 
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ 
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ 
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ ozone fs -rm -r 
> o3fs://bucket1.vol1.ozone1/data/sandbox/poc/
> 20/10/12 02:52:16 INFO Configuration.deprecation: io.bytes.per.checksum is 
> deprecated. Instead, use dfs.bytes-per-checksum
> 20/10/12 02:52:16 INFO ozone.BasicOzoneFileSystem: Move to trash is disabled 
> for o3fs, deleting instead: o3fs://bucket1.vol1.ozone1/data/sandbox/poc. 
> Files or directories will NOT be retained in trash. Ignore the following 
> TrashPolicyDefault message, if any.
> 20/10/12 02:52:16 INFO fs.TrashPolicyDefault: Moved: 
> 'o3fs://bucket1.vol1.ozone1/data/sandbox/poc' to trash at: 
> /.Trash/sbanerjee/Current/data/sandbox/poc1602496336480
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ sudo -u hdfs ozone 
> fs -ls o3fs://bucket1.vol1.ozone1/data/sandbox/poc/
> ls: `o3fs://bucket1.vol1.ozone1/data/sandbox/poc/': No such file or directory
> {code}
> Whereas, the same seuquence fails with permission denied error in HDFS.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org
For additional commands, e-mail: issues-h...@ozone.apache.org