Xiaoqiao He created HDFS-15051: ---------------------------------- Summary: Propose to revoke WRITE MountTableEntry privilege to super user only Key: HDFS-15051 URL: https://issues.apache.org/jira/browse/HDFS-15051 Project: Hadoop HDFS Issue Type: Sub-task Components: rbf Reporter: Xiaoqiao He Assignee: Xiaoqiao He
The current permission checker of #MountTableStoreImpl is not very restrict. In some case, any user could add/update/remove MountTableEntry without the expected permission checking. The following code segment try to check permission when operate MountTableEntry, however mountTable object is from Client/RouterAdmin {{MountTable mountTable = request.getEntry();}}, and user could pass any mode which could bypass the permission checker. {code:java} public void checkPermission(MountTable mountTable, FsAction access) throws AccessControlException { if (isSuperUser()) { return; } FsPermission mode = mountTable.getMode(); if (getUser().equals(mountTable.getOwnerName()) && mode.getUserAction().implies(access)) { return; } if (isMemberOfGroup(mountTable.getGroupName()) && mode.getGroupAction().implies(access)) { return; } if (!getUser().equals(mountTable.getOwnerName()) && !isMemberOfGroup(mountTable.getGroupName()) && mode.getOtherAction().implies(access)) { return; } throw new AccessControlException( "Permission denied while accessing mount table " + mountTable.getSourcePath() + ": user " + getUser() + " does not have " + access.toString() + " permissions."); } {code} I just propose revoke WRITE MountTableEntry privilege to super user only. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org