falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Srikanth Sundarrajan (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FALCON-1649) 777 permission issue on staging directory and on subdirectory
Date Wed, 09 Dec 2015 03:39:11 GMT

    [ https://issues.apache.org/jira/browse/FALCON-1649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15047968#comment-15047968
] 

Srikanth Sundarrajan commented on FALCON-1649:
----------------------------------------------

Please do consider the possibility of staging directory being owned by falcon and when falcon
creates new directory under staging for an entity, chown it to the user who is the owner of
the entity (or at least for the logs directory). Since falcon has doAs permission (because
it can proxy as others), it can act on behalf of other users and perform the required actions
(such as log cleanup etc) or delete the entity directory.

>  777 permission issue on staging directory and on subdirectory
> --------------------------------------------------------------
>
>                 Key: FALCON-1649
>                 URL: https://issues.apache.org/jira/browse/FALCON-1649
>             Project: Falcon
>          Issue Type: Bug
>            Reporter: sandeep samudrala
>
> The conversation from https://issues.apache.org/jira/browse/FALCON-1647 have been copied
to the below comments.
> This jira will capture the details regarding how the staging directory should be presented
as having 777 as permission is a security issue.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message