falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Balu Vellanki <bvella...@hortonworks.com>
Subject [Discuss] : Should a non-superuser be allowed to update ACL of feed or process entity
Date Mon, 14 Sep 2015 21:42:38 GMT
Hi Team,

Today, Feed/Process entities have ACL with owner and group. Support for permissions is not
implemented yet. Any user who is the owner OR who belongs to the group can update/delete/suspend
the entity.

If two users "user1" and "user2" belong to same group "users" and the falcon entity ACL is
<ACL owner="user1" group="users" permission="*"/>, then user2 can update the falcon
entity and claim ownership of this entity. I believe that user2 should not be allowed to do
so unless it is superuser.  Similar behavior is not allowed in HDFS.  Please comment if you
disagree.

https://issues.apache.org/jira/browse/FALCON-1340

Thanks
Balu Velalnki

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message