hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Doug Cutting (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-1298) adding user info to file
Date Thu, 30 Aug 2007 17:42:30 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-1298?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12523891

Doug Cutting commented on HADOOP-1298:

Christophe says:
Permission checking can be implemented in many ways. The implementation I have in mind allows
you to easily switch to different authorization models. [ ... ]
In the current implementation I want to push, authorizations follow regular POSIX file permissions

While it may be easy from an engineering perspective to switch the authorization model (and
it's even good engineering practice) it may be hard from a user perspective, depending on
how things change.  So if forseeable changes to the namenode may require changes to its authorization
semantics, we should consider now whether these changes would be compatible.

In concrete terms, the question is thus: if we perform authorization checks of all path components
now, and later distribute the namenode in such a way that checks of all components are no
longer possible, would removing those checks break users in any way?  I don't see that it
would.  Does anyone else?  If it won't, then I don't see a problem adding checks of all components
now, in the interests of POSIX compatibility, with the understanding that we may relax that

> adding user info to file
> ------------------------
>                 Key: HADOOP-1298
>                 URL: https://issues.apache.org/jira/browse/HADOOP-1298
>             Project: Hadoop
>          Issue Type: New Feature
>          Components: dfs, fs
>            Reporter: Kurtis Heimerl
>            Assignee: Christophe Taton
>             Fix For: 0.15.0
>         Attachments: 1298_2007-08-23a.patch, hadoop-user-munncha.patch17
> I'm working on adding a permissions model to hadoop's DFS. The first step is this change,
which associates user info with files. Following this I'll assoicate permissions info, then
block methods based on that user info, then authorization of the user info. 
> So, right now i've implemented adding user info to files. I'm looking for feedback before
I clean this up and make it offical. 
> I wasn't sure what release, i'm working off trunk. 

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message