Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
Reply-To: common-issues@hadoop.apache.org
Date: Fri, 2 Nov 2012 22:44:14 +0000 (UTC)
From: "Chuan Liu (JIRA)" <jira@apache.org>
To: common-issues@hadoop.apache.org
Message-ID: <1893562575.63314.1351896254238.JavaMail.jiratomcat@arcas>
In-Reply-To: <519424492.63305.1351896253382.JavaMail.jiratomcat@arcas>
Subject: [jira] [Updated] (HADOOP-9006) Winutils should keep Administrators
 privileges intact
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


     [ https://issues.apache.org/jira/browse/HADOOP-9006?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chuan Liu updated HADOOP-9006:
------------------------------

    Description: 
This issue was originally discovered by [~ivanmi]. Cite his words as follows.

{quote}
Current by design behavior is for winutils to ACL the folders only for the user passed in thru chmod/chown. This causes some un-natural side effects in cases where Hadoop services run in the context of a non-admin user. For example, Administrators on the box will no longer be able to:
 - delete files created in the context of Hadoop services (other users)
 - check the size of the folder where HDFS blocks are stored
{quote}

In my opinion, it is natural for some special accounts on Windows to be able to access all the folders, including Hadoop folders. This is similar to Linux in the way root users on Linux can always access any directories regardless the permissions set the those directories.

  was:
This issue was originally discovered by [~ivanmi]. Cite his words as follows.

{quuote}
Current by design behavior is for winutils to ACL the folders only for the user passed in thru chmod/chown. This causes some un-natural side effects in cases where Hadoop services run in the context of a non-admin user. For example, Administrators on the box will no longer be able to:
 - delete files created in the context of Hadoop services (other users)
 - check the size of the folder where HDFS blocks are stored
{quote}

In my opinion, it is natural for some special accounts on Windows to be able to access all the folders, including Hadoop folders. This is similar to Linux in the way root users on Linux can always access any directories regardless the permissions set the those directories.

    
> Winutils should keep Administrators privileges intact
> -----------------------------------------------------
>
>                 Key: HADOOP-9006
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9006
>             Project: Hadoop Common
>          Issue Type: Bug
>    Affects Versions: 1-win
>            Reporter: Chuan Liu
>            Assignee: Chuan Liu
>            Priority: Minor
>             Fix For: 1-win
>
>
> This issue was originally discovered by [~ivanmi]. Cite his words as follows.
> {quote}
> Current by design behavior is for winutils to ACL the folders only for the user passed in thru chmod/chown. This causes some un-natural side effects in cases where Hadoop services run in the context of a non-admin user. For example, Administrators on the box will no longer be able to:
>  - delete files created in the context of Hadoop services (other users)
>  - check the size of the folder where HDFS blocks are stored
> {quote}
> In my opinion, it is natural for some special accounts on Windows to be able to access all the folders, including Hadoop folders. This is similar to Linux in the way root users on Linux can always access any directories regardless the permissions set the those directories.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira