hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tianyin Xu (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-10422) Do not throw AccessControlException for syntax errors of security.hdfs.unreadable.by.superuser
Date Wed, 18 May 2016 01:30:13 GMT

     [ https://issues.apache.org/jira/browse/HDFS-10422?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Tianyin Xu updated HDFS-10422:
------------------------------
    Status: Patch Available  (was: Open)

> Do not throw AccessControlException for syntax errors of security.hdfs.unreadable.by.superuser
> ----------------------------------------------------------------------------------------------
>
>                 Key: HDFS-10422
>                 URL: https://issues.apache.org/jira/browse/HDFS-10422
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: namenode
>    Affects Versions: 2.7.2
>            Reporter: Tianyin Xu
>         Attachments: HDFS-10422.000.patch
>
>
> The xattr {{security.hdfs.unreadable.by.superuser}} has certain syntax rules: 
> "this xattr is also write-once, and cannot be removed once set. This xattr does not allow
a value to be set."
> [https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-hdfs/ExtendedAttributes.html]
> Upon violation, the system should throw {{IllegalArgumentException}} to keep the consistent
behaviour with the other xattrs such as {{raw.hdfs.crypto.encryption.zone}}. 
> Currently, it always throws {{AccessControlException}} which is supposed to be something
related to access control. The only case {{AccessControlException}} should be thrown is when
the superuser tries to access the file, but *not* anything else. 
> If the user set any value, it violates the syntax of the xattr (this xattr does not need
values) which has nothing to do with access control:
> {code:title=XAttrPermissionFilter.java|borderStyle=solid}
>     if (XAttrHelper.getPrefixedName(xAttr).
>         equals(SECURITY_XATTR_UNREADABLE_BY_SUPERUSER)) {
>       if (xAttr.getValue() != null) {
>         throw new AccessControlException("Attempt to set a value for '" +
>             SECURITY_XATTR_UNREADABLE_BY_SUPERUSER +
>             "'. Values are not allowed for this xattr.");
>       }   
>       return;
>     }   
> {code} 
> \\
> Similarly, if the user wants to remove the xattr, it should throw {{IllegalArgumentException}}
just like the encryption xattr in the following code. Basically I don't understand why the
encryption xattr throws an {{IllegalArgumentException}} (via the {{checkArgument}} call) but
the {{security.hdfs.unreadable.by.superuser}} xattr throws an {{AccessControlException}}.
It's the same thing here: both of them cannot be removed...
> {code:title=XAttrPermissionFilter.java|borderStyle=solid}
>         Preconditions.checkArgument(
>             !KEYID_XATTR.equalsIgnoreValue(filter),
>             "The encryption zone xattr should never be deleted.");
>         if (UNREADABLE_BY_SUPERUSER_XATTR.equalsIgnoreValue(filter)) {
>           throw new AccessControlException("The xattr '" +
>               SECURITY_XATTR_UNREADABLE_BY_SUPERUSER + "' can not be deleted.");
>         }   
> {code} 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org


Mime
View raw message