Return-Path: <common-issues-return-142452-archive-asf-public=cust-asf.ponee.io@hadoop.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id A06CE200D12
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Sat,  7 Oct 2017 12:22:04 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 9EC361609D3; Sat,  7 Oct 2017 10:22:04 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id E35221609B8
	for <archive-asf-public@cust-asf.ponee.io>; Sat,  7 Oct 2017 12:22:03 +0200 (CEST)
Received: (qmail 53341 invoked by uid 500); 7 Oct 2017 10:22:03 -0000
Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:common-issues-help@hadoop.apache.org>
List-Unsubscribe: <mailto:common-issues-unsubscribe@hadoop.apache.org>
List-Post: <mailto:common-issues@hadoop.apache.org>
List-Id: <common-issues.hadoop.apache.org>
Delivered-To: mailing list common-issues@hadoop.apache.org
Received: (qmail 53328 invoked by uid 99); 7 Oct 2017 10:22:03 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 07 Oct 2017 10:22:02 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 4E07C1806DF
	for <common-issues@hadoop.apache.org>; Sat,  7 Oct 2017 10:22:02 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -99.202
X-Spam-Level: 
X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31
	tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001,
	SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024)
	with ESMTP id I8Uf5Zn4Jm4i for <common-issues@hadoop.apache.org>;
	Sat,  7 Oct 2017 10:22:01 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 6F9A25F569
	for <common-issues@hadoop.apache.org>; Sat,  7 Oct 2017 10:22:01 +0000 (UTC)
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id EA356E09A5
	for <common-issues@hadoop.apache.org>; Sat,  7 Oct 2017 10:22:00 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 9F23C24327
	for <common-issues@hadoop.apache.org>; Sat,  7 Oct 2017 10:22:00 +0000 (UTC)
Date: Sat, 7 Oct 2017 10:22:00 +0000 (UTC)
From: "Steve Loughran (JIRA)" <jira@apache.org>
To: common-issues@hadoop.apache.org
Message-ID: <JIRA.13104258.1506077750000.295454.1507371720648@Atlassian.JIRA>
In-Reply-To: <JIRA.13104258.1506077750000@Atlassian.JIRA>
References: <JIRA.13104258.1506077750000@Atlassian.JIRA> <JIRA.13104258.1506077750795@jira-lw-us.apache.org>
Subject: [jira] [Updated] (HADOOP-14899) Restrict Access to setPermission
 operation when authorization is enabled in WASB
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
archived-at: Sat, 07 Oct 2017 10:22:04 -0000


     [ https://issues.apache.org/jira/browse/HADOOP-14899?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Steve Loughran updated HADOOP-14899:
------------------------------------
       Resolution: Fixed
    Fix Version/s: 3.1.0
                   2.9.0
           Status: Resolved  (was: Patch Available)

committed to branch-2 & trunk. Closing the issue. Thanks!

> Restrict Access to setPermission operation when authorization is enabled in WASB
> --------------------------------------------------------------------------------
>
>                 Key: HADOOP-14899
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14899
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/azure
>    Affects Versions: 2.8.1
>            Reporter: Kannapiran Srinivasan
>            Assignee: Kannapiran Srinivasan
>              Labels: fs, secure, wasb
>             Fix For: 2.9.0, 3.1.0
>
>         Attachments: HADOOP-14899-001.patch, HADOOP-14899-002.patch, HADOOP-14899-003.patch, HADOOP-14899-004.patch, HADOOP-14899-005.patch, HADOOP-14899-branch-2-005.patch
>
>
> In case of authorization enabled Wasb clusters, we need to restrict setting permissions on files or folders to owner or list of privileged users.
> Currently in the WASB implementation even when authorization is enabled there is no check happens while doing setPermission call. In this JIRA we would like to add the check on the setPermission call in NativeAzureFileSystem implementation so that only owner or the privileged list of users or daemon users can change the permissions of files/folders



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org