hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eli Collins (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-7172) SecureIO should not check owner on non-secure clusters that have no native support
Date Tue, 08 Mar 2011 16:46:59 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-7172?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13004050#comment-13004050
] 

Eli Collins commented on HADOOP-7172:
-------------------------------------

+1

Change looks good. Please update the javadoc ("@throws IOException if an IO Error occurred,
or the user does not match") to qualify this for the new behavior.


> SecureIO should not check owner on non-secure clusters that have no native support
> ----------------------------------------------------------------------------------
>
>                 Key: HADOOP-7172
>                 URL: https://issues.apache.org/jira/browse/HADOOP-7172
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: io, security
>    Affects Versions: 0.22.0
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>            Priority: Critical
>             Fix For: 0.22.0
>
>         Attachments: hadoop-7172.txt
>
>
> The SecureIOUtils.openForRead function currently uses a racy stat/open combo if security
is disabled and the native libraries are not available. This ends up shelling out to "ls -ld"
which is very very slow. We've seen this cause significant performance regressions on clusters
that match this profile.
> Since the racy permissions check doesn't buy us any security anyway, we should just fall
back to a normal "open" without any stat() at all, if we can't use the native support to do
it efficiently.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message