lujie created HDFS-16004:
----------------------------

    Summary: startLogSegment and journal in BackupNode lack Permission check.
    Key: HDFS-16004
    URL: https://issues.apache.org/jira/browse/HDFS-16004
    Project: Hadoop HDFS
    Issue Type: Bug
    Reporter: lujie

I have some doubts when I configure secure HDFS. I know we have Service Level Authorization for protocols like NamenodeProtocol, DatanodeProtocol and so on. But I do not find such authorization for JournalProtocol after reading the code in HDFSPolicyProvider. And if we have it, how can I configure such authorization?

Besides, even though NamenodeProtocol has Service Level Authorization, its methods still have a permission check. Take startCheckpoint in NameNodeRpcServer, which implements NamenodeProtocol, for example:

    public NamenodeCommand startCheckpoint(NamenodeRegistration registration)
        throws IOException {
      String operationName = "startCheckpoint";
      checkNNStartup();
      namesystem.checkSuperuserPrivilege(operationName);  // <-- permission check
      ......

I found that the methods in BackupNodeRpcServer, which implements JournalProtocol, lack such a permission check. See below:

    public void startLogSegment(JournalInfo journalInfo, long epoch,
        long txid) throws IOException {
      namesystem.checkOperation(OperationCategory.JOURNAL);
      verifyJournalRequest(journalInfo);
      getBNImage().namenodeStartedLogSegment(txid);
    }

    @Override
    public void journal(JournalInfo journalInfo, long epoch, long firstTxId,
        int numTxns, byte[] records) throws IOException {
      namesystem.checkOperation(OperationCategory.JOURNAL);
      verifyJournalRequest(journalInfo);
      getBNImage().journal(firstTxId, numTxns, records);
    }

Do we need to add a permission check for them? Please point out my mistakes if I am wrong or missed something.
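The comparison made in the report can be automated as a review aid. The script below is an added example, not part of the original message or of Hadoop: it lists public RPC handler methods in Java source that never call a privilege check. The function names, the regex heuristics and the `PRIVILEGE_CHECKS` set are assumptions; a flagged method is a candidate for review, since authorization may be enforced elsewhere.

```python
import re

# Calls counted as a privilege check; the report highlights this one (assumption).
PRIVILEGE_CHECKS = {"checkSuperuserPrivilege"}
METHOD_RE = re.compile(r"public\s+[\w<>\[\], ]+?\s+(\w+)\s*\([^)]*\)"
                       r"\s*(?:throws\s+[\w., ]+?)?\s*\{")

def method_bodies(source):
    """Yield (name, body) per public method; brace counting finds the end."""
    for m in METHOD_RE.finditer(source):
        depth, i = 1, m.end()
        while i < len(source) and depth:
            depth += {"{": 1, "}": -1}.get(source[i], 0)
            i += 1
        yield m.group(1), source[m.end():i - 1]

def missing_privilege_check(source):
    """Names of public methods that call none of PRIVILEGE_CHECKS."""
    # Drop comments so a check that is only mentioned does not count.
    source = re.sub(r"//[^\n]*|/\*.*?\*/", "", source, flags=re.S)
    return [name for name, body in method_bodies(source)
            if not PRIVILEGE_CHECKS & set(re.findall(r"\b(\w+)\s*\(", body))]

# Constructed sample: the report's excerpts, closed so they parse (elision kept).
SAMPLE = """
public NamenodeCommand startCheckpoint(NamenodeRegistration registration)
    throws IOException {
  String operationName = "startCheckpoint";
  checkNNStartup();
  namesystem.checkSuperuserPrivilege(operationName);
  // ...... (rest elided in the report)
}
public void startLogSegment(JournalInfo journalInfo, long epoch,
    long txid) throws IOException {
  namesystem.checkOperation(OperationCategory.JOURNAL);
  verifyJournalRequest(journalInfo);
  getBNImage().namenodeStartedLogSegment(txid);
}
@Override
public void journal(JournalInfo journalInfo, long epoch, long firstTxId,
    int numTxns, byte[] records) throws IOException {
  namesystem.checkOperation(OperationCategory.JOURNAL);
  verifyJournalRequest(journalInfo);
  getBNImage().journal(firstTxId, numTxns, records);
}
"""

if __name__ == "__main__":
    print(missing_privilege_check(SAMPLE))
```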