hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Wang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-12907) Allow read-only access to reserved raw for non-superusers
Date Thu, 07 Dec 2017 20:30:00 GMT

    [ https://issues.apache.org/jira/browse/HDFS-12907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16282487#comment-16282487

Andrew Wang commented on HDFS-12907:

I think that would work, though of course I'd prefer not to open up internal state representation
if it can be avoided.

On the topic of webhdfs client-side encryption, could you talk a little more about your usecase?
We discussed this internally before in the context of Hue, and there didn't seem to be a great
solution. They have a very simple Python WebHDFS client built around effectively curl, and
they'd need to add their own KMS client and encryption routines. Really though, we'd want
to move this all the way to the browser, and write the KMS client and encryption routines
in Javascript. Ouch.

A way of scoping the KMS delegation token to limit what keys could be accessed would also
be an improvement, e.g. a "key token" similar to the HDFS block token. It addresses some of
the issues with webhdfs and encryption.

> Allow read-only access to reserved raw for non-superusers
> ---------------------------------------------------------
>                 Key: HDFS-12907
>                 URL: https://issues.apache.org/jira/browse/HDFS-12907
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: namenode
>    Affects Versions: 2.6.0
>            Reporter: Daryn Sharp
>            Assignee: Rushabh S Shah
>         Attachments: HDFS-12907.patch
> HDFS-6509 added a special /.reserved/raw path prefix to access the raw file contents
of EZ files.  In the simplest sense it doesn't return the FE info in the {{LocatedBlocks}}
so the dfs client doesn't try to decrypt the data.  This facilitates allowing tools like distcp
to copy raw bytes.
> Access to the raw hierarchy is restricted to superusers.  This seems like an overly broad
restriction designed to prevent non-admins from munging the EZ related xattrs.  I believe
we should relax the restriction to allow non-admins to perform read-only operations.  Allowing
non-superusers to easily read the raw bytes will be extremely useful for regular users, esp.
for enabling webhdfs client-side encryption.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org

View raw message