hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Owen O'Malley (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-1113) Allow users with write access to a directory to change ownership of its subdirectories/files
Date Tue, 27 Apr 2010 22:09:38 GMT

    [ https://issues.apache.org/jira/browse/HDFS-1113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12861580#action_12861580
] 

Owen O'Malley commented on HDFS-1113:
-------------------------------------

chown *must* require admin privs, just like in unix, unless you restrict it so that you can
only chown files to yourself. You want to be able to trust the metadata about owners. If the
user can set the owner to someone else, it is just noise. As an example, let's say there is
a file containing secrets. If I'm worried about someone finding it, I'll just chown it to
fred and let him get in trouble.

> Allow users with write access to a directory to change ownership of its subdirectories/files
> --------------------------------------------------------------------------------------------
>
>                 Key: HDFS-1113
>                 URL: https://issues.apache.org/jira/browse/HDFS-1113
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: name-node
>         Environment: All
>            Reporter: Milind Bhandarkar
>            Assignee: Sanjay Radia
>
> owner and group of a file/directory, and namespace/diskspace quota for a directory are
mutable attributes. If I have writable access to a directory, say /team/MyTeam, and if there
are subdirectories underneath, such as /team/MyTeam/TeamMember1, /team/MyTeam/TeamMember2,
then I should be able to chown, chgrp, setQuota, clrQuota on TeamMemeber{1|2} subdirectories.
Currently in HDFS (and in Posix), it requires me to be a superuser to perform these operations.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message