Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-14581

Restrict setOwner to list of user when security is enabled in wasb

    Details

      Description

      Currently in azure FS, setOwner api is exposed to all the users accessing the file system.
      When Authorization is enabled, access to some files/folders is given to particular users based on whether the user is the owner of the file.
      So setOwner has to be restricted to limited set of users to prevent users from exploiting owner based authorization of files and folders.

      Introducing a new config called fs.azure.chown.allowed.userlist which is a comma seperated list of users who are allowed to perform chown operation when authorization is enabled.

        Attachments

        1. HADOOP-14581-003.patch
          11 kB
          Steve Loughran
        2. HADOOP-14581.4.patch
          12 kB
          Varada Hemeswari
        3. HADOOP-14581.2.patch
          11 kB
          Varada Hemeswari
        4. HADOOP-14581.1.patch
          9 kB
          Varada Hemeswari

          Issue Links

            Activity

              People

              • Assignee:
                vahemesw Varada Hemeswari
                Reporter:
                vahemesw Varada Hemeswari
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: