[
https://issues.apache.org/jira/browse/HDDS-4709?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wei-Chiu Chuang resolved HDDS-4709.
-----------------------------------
Fix Version/s: 2.0.0
Resolution: Fixed
> Default ACL of newly created volumes
> ------------------------------------
>
> Key: HDDS-4709
> URL: https://issues.apache.org/jira/browse/HDDS-4709
> Project: Apache Ozone
> Issue Type: New Feature
> Components: Ozone Filesystem
> Affects Versions: 1.0.0
> Reporter: UENISHI Kota
> Priority: Major
> Fix For: 2.0.0
>
>
> When a new volume is created with "-u" option (e.g. "ozone sh create volume
> -u <username> <volume>" ), the default ACL of the volume consists of a list
> of groups, with "all" permission. For example, if a user belongs to groups
> named "alpha", "bravo" and "charlie", the ACL of newly created volume will be:
> * alpha:*:a
> * bravo:*:a
> * charlie:*:a
> This is not safe, because in many cases we don't know who others are in those
> groups. I would feel natural if they are "alpha:*:xlr" (which is like HDFS
> and Unix default permissions 644 or 755), or if no permissions are given to
> groups like S3.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
