The current implementation of checkSuperuserPrivilege() allows the datanode user from any node to be recognized as a super user. If one datanode is compromised, the intruder can issue shutdownDatanode(), evictWriters(), triggerBlockReport(), etc. against all other datanodes. Although this does not expose stored data, it can cause service disruptions.
This needs to be tightened to allow only the local datanode user.