hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Santhosh G Nayak (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-14935) Azure: POSIX permissions are taking effect in access() method even when authorization is enabled
Date Fri, 13 Oct 2017 08:54:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-14935?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16203207#comment-16203207

Santhosh G Nayak commented on HADOOP-14935:

[~tmarquardt], according to HDFS permissions guide, traversal check is required for all the
operations. But, wasb authorization permission spec does not have traversal check. The main
reason to use READ as a substitute to traversal as a *compromise* was to have a protection
against wrongly diagnosed security issue with hive. Now that it is clearly understood that
the same security issue can be resolved using the implementation of {{access()}} method in
{{NativeAzureFileSystem}}, authorization check from {{getFileStatus()}} alone can be removed.

However, it is not understood, if {{getFileStatus()}} is used instead of {{access()}} in other
applications. So, the main motivation to add {{fs.azure.enable.authorization.getfilestatus}}
is to be able to *reintroduce authorization check for {{getFileStatus()}}* easily, if security
related issues are exposed in other applications in authorization enabled secure cluster without
having to change the code which involves longer turn around time. This cannot be achieved
using {{azure Authorization}} configuration alone, as it is meant for all the file system
operations. I hope this clarifies the confusion. 

> Azure: POSIX permissions are taking effect in access() method even when authorization
is enabled
> ------------------------------------------------------------------------------------------------
>                 Key: HADOOP-14935
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14935
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/azure
>    Affects Versions: 2.9.0
>            Reporter: Santhosh G Nayak
>            Assignee: Santhosh G Nayak
>         Attachments: HADOOP-14935-003.patch, HADOOP-14935-004.patch, HADOOP-14935.1.patch,
> FileSystem implementation class for azure i.e. {{NativeAzureFileSystem}} does not override
{{access(path,mode)}} method and uses the default implementation from the base class. This
base implementaion uses the POSIX permissions to check if the requested user has access to
given path or not even when authorization is enabled, which is incorrect.
> {{NativeAzureFileSystem.access()}} in authorization enabled mode should use the authorization
mechanism provided instead of relying on the POSIX permission ons. So the proposal is to override
{{FileSystem.access()}} method in {{NativeAzureFileSystem}} such that it honors the authorization
mechanism configured in authorization enabled mode and falls back to POSIX permissions otherwise.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org

View raw message