[
https://issues.apache.org/jira/browse/HDFS-6393?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Charles Lamb resolved HDFS-6393.
--------------------------------
Resolution: Not a Problem
This is no longer a problem now that the NN will never handle key material. All
access to key material is handled through the KMS access control mechanisms.
> User settable xAttr to stop HDFS admins from reading/chowning a file
> --------------------------------------------------------------------
>
> Key: HDFS-6393
> URL: https://issues.apache.org/jira/browse/HDFS-6393
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode, security
> Reporter: Alejandro Abdelnur
> Assignee: Charles Lamb
>
> A user should be able to set an xAttr on any file in HDFS to stop an HDFS
> admin user from reading the file. The blacklist for chown/chgrp would also
> enforced.
> This will stop an HDFS admin from gaining access to job token files and
> getting HDFS DelegationTokens that would allow him/her to read an encrypted
> file.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
