[jira] [Created] (HDDS-7461) Change parent context right WRITE to CREATE when CRATE_BUCKET

Hongbing Wang (Jira) Sun, 06 Nov 2022 01:41:07 -0800

Hongbing Wang created HDDS-7461:
-----------------------------------

             Summary: Change parent context  right WRITE to CREATE when 
CRATE_BUCKET 
                 Key: HDDS-7461
                 URL: https://issues.apache.org/jira/browse/HDDS-7461
             Project: Apache Ozone
          Issue Type: Improvement
            Reporter: Hongbing Wang



The current Native ACL has the problem of permission enlargement.

When we grant `user1` WRITE permission to `/vol1/buk1`, the permissions we must 
grant to `user1` are:
 * WRITE permission for `vol1`
 * WRITE permission for `buk1`

This allows `user1` to create other buckets on `vol1` at will, which is not 
what we expected.

It's better to check user1's CREATE permission on vol1 when `user1` wants to 
create buckets. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (HDDS-7461) Change parent context right WRITE to CREATE when CRATE_BUCKET

Reply via email to