Configuring HDFS Directory Permission
Scenario
The permission for some HDFS directories is 777 or 750 by default, which brings potential security risks. You are advised to modify the permission for the HDFS directories after the HDFS is installed to increase user security.
Procedure
Log in to the HDFS client as the MRS cluster administrator and run the following command to modify the permission for the /user directory.
The permission is set to 1777, that is, 1 is added to the original permission. This indicates that only the user who creates the directory can delete it.
hdfs dfs -chmod 1777 /user
To ensure security of the system file, you are advised to harden the security for non-temporary directories. The following directories are examples:
- /user:777
- /mr-history:777
- /mr-history/tmp:777
- /mr-history/done:777
- /user/mapred:755
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.