[
https://issues.apache.org/jira/browse/MAPREDUCE-1307?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830633#action_12830633
]
Vinod K V commented on MAPREDUCE-1307:
--------------------------------------
The above proposal has some idiosyncrasies and can be improved:
- The permissions model is not uniform across jobs and queues. Jobs use the POSIX
  model while queues use ACLs. Having the same model can simplify the code a bit;
  at the same time, users/admins can use the same model to describe permissions.
- Job permissions don't strictly follow the POSIX model:
  -- the executable bit will be ignored completely and has no meaning
  -- a job can be owned by multiple groups whereas a file can only be owned
     by a single group
  -- because permissions on queues (directories) are still expressed as ACLs,
     it is not possible to extend the job-permissions to, say, implement chmod on
     the job. The patch currently assumes that the permissions cannot be changed
     after submission, but this assumption can change in the future.
  -- It is difficult to extend the permissions in general too - every
     operation has to be (forcibly) baked into either the readability or the
     writability category.
So, I propose we change the job-permissions also to use ACLs. The only downside
is that we lose the simple way of configuring job-permissions using octal
numbers, but I think that's OK because even now queues ARE being described in
terms of ACLs.
Thoughts?
> Introduce the concept of Job Permissions
> ----------------------------------------
>
> Key: MAPREDUCE-1307
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-1307
> Project: Hadoop Map/Reduce
> Issue Type: Sub-task
> Components: security
> Reporter: Devaraj Das
> Fix For: 0.22.0
>
> Attachments: 1307-early-1.patch
>
>
> It would be good to define the notion of job permissions analogous to file
> permissions. Then the JobTracker can restrict who can "read" (e.g. look at
> the job page) or "modify" (e.g. kill) jobs.
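A minimal model of the two schemes contrasted in the comment above, as an added example that is not part of the original message or of the Hadoop code base. The ACL string format ("users groups", `*` for everyone), the operation names, the sample users and the rule that the owner is always allowed are assumptions made for illustration.

```python
# Added illustration, not Hadoop code. All names and sample values are constructed.
from dataclasses import dataclass

READ, WRITE = 4, 2  # POSIX-style bits; the execute bit has no meaning for a job


def posix_allows(mode, owner, group, user, user_groups, want):
    """POSIX-style check: exactly one owner and one owning group per job."""
    if user == owner:
        bits = (mode >> 6) & 7
    elif group in user_groups:
        bits = (mode >> 3) & 7
    else:
        bits = mode & 7
    return bool(bits & want)


@dataclass(frozen=True)
class Acl:
    """One access list: named users, named groups, or everyone."""
    users: frozenset = frozenset()
    groups: frozenset = frozenset()
    everyone: bool = False

    @classmethod
    def parse(cls, spec):
        # Assumed format: "user1,user2 group1,group2"; "*" admits everyone;
        # a leading space means "groups only"; an empty string admits nobody.
        if spec.strip() == "*":
            return cls(everyone=True)
        users, _, groups = spec.partition(" ")
        names = lambda s: frozenset(n for n in s.strip().split(",") if n)
        return cls(names(users), names(groups))

    def allows(self, user, user_groups):
        return self.everyone or user in self.users or bool(self.groups & set(user_groups))


class JobAcls:
    """Per-operation ACLs: any number of groups, any number of operations."""

    def __init__(self, owner, acls):
        self.owner = owner
        self.acls = {op: Acl.parse(spec) for op, spec in acls.items()}

    def allows(self, op, user, user_groups):
        if user == self.owner:  # assumption: the job owner may do everything
            return True
        acl = self.acls.get(op)  # an operation without an ACL is denied
        return acl is not None and acl.allows(user, user_groups)
```

With mode `0o640` and owning group `ops`, a member of a second group such as `analysts` can only be given read access by opening the job to everyone, whereas `JobAcls("dev", {"view-job": "alice analysts,ops", "modify-job": " ops"})` grants view to both groups and modify to one, and a new operation is just a new key.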