hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-6393) User settable xAttr to stop HDFS admins from reading/chowning a file
Date Tue, 13 May 2014 20:35:15 GMT
Alejandro Abdelnur created HDFS-6393:
----------------------------------------

             Summary: User settable xAttr to stop HDFS admins from reading/chowning a file
                 Key: HDFS-6393
                 URL: https://issues.apache.org/jira/browse/HDFS-6393
             Project: Hadoop HDFS
          Issue Type: Sub-task
          Components: namenode, security
            Reporter: Alejandro Abdelnur
            Assignee: Charles Lamb


A user should be able to an xAttr on any file in HDFS to stop an HDFS admin user from reading
the file. The blacklist for chown/chgrp would also e enforced.

This will stop an HDFS admin from aging access to job token files and getting HDFS DelegationTokens
that would allow him/her to read an encrypted file.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message