Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-4685 Implementation of ACLs in HDFS
  3. HDFS-5923

Do not persist the ACL bit in the FsPermission

    XMLWordPrintableJSON

Details

    Description

      The current implementation persists and ACL bit in FSImage and editlogs. Moreover, the security decisions also depend on whether the bit is set.

      The problem here is that we have to maintain the implicit invariant, which is the ACL bit is set if and only if the the inode has AclFeature. The invariant has to be maintained everywhere otherwise it can lead to a security vulnerability. In the worst case, an attacker can toggle the bit and bypass the ACL checks.

      The jira proposes to treat the ACL bit as a transient bit. The bit should not be persisted onto the disk, neither it should affect any security decisions.

      Attachments

        1. HDFS-5923.004.patch
          61 kB
          Chris Nauroth
        2. HDFS-5923.003.patch
          33 kB
          Haohui Mai
        3. HDFS-5923.002.patch
          58 kB
          Chris Nauroth
        4. HDFS-5923.001.patch
          30 kB
          Haohui Mai
        5. HDFS-5923.000.patch
          29 kB
          Haohui Mai

        Issue Links

          is depended upon by

          Sub-task - The sub-task of the issue HDFS-5933 Optimize the FSImage layout for ACLs

          • Major - Major loss of function.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10354 TestWebHDFS fails after merge of HDFS-4685 to trunk

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10361 Correct alignment in CLI output for ACLs.

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HDFS-5621 NameNode: add indicator in web UI file system browser if a file has an ACL.

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HDFS-7384 'getfacl' command and 'getAclStatus' output should be in sync

          • Major - Major loss of function.
          • Closed
          is required by

          Sub-task - The sub-task of the issue HDFS-5932 Ls should display the ACL bit

          • Major - Major loss of function.
          • Resolved

          Test - A new unit, integration or system test. HDFS-5937 Fix TestOfflineEditsViewer on HDFS-4685 branch.

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          relates to

          New Feature - A new feature of the product, which has yet to be developed. HDFS-4685 Implementation of ACLs in HDFS

          • Major - Major loss of function.
          • Closed

          Activity

            People

              wheat9 Haohui Mai
              wheat9 Haohui Mai
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: