hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yi Liu (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6705) Create an XAttr that disallows the HDFS admin from accessing a file
Date Tue, 02 Sep 2014 12:54:22 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14118156#comment-14118156
] 

Yi Liu commented on HDFS-6705:
------------------------------

Hi [~clamb] and [~andrew.wang], could this xattr be something like {{SECURITY_CRYPTO_UNREADABLE_BY_SUPERUSER}},
and only could be set in encryption zones.  Then normal files will not be affected.

> Create an XAttr that disallows the HDFS admin from accessing a file
> -------------------------------------------------------------------
>
>                 Key: HDFS-6705
>                 URL: https://issues.apache.org/jira/browse/HDFS-6705
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode, security
>    Affects Versions: 3.0.0
>            Reporter: Charles Lamb
>            Assignee: Charles Lamb
>         Attachments: HDFS-6705.001.patch
>
>
> There needs to be an xattr that specifies that the HDFS admin can not access a file.
This is needed for m/r delegation tokens and data at rest encryption.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message