Starting from HDP 3.0, the WebHDFS UI (i.e. the namenode UI file explorer on port 50070) now includes a bin icon that can be used to delete HDFS files. It seems to do this by calling a rest api DELETE hook, but in doing so it also seems to bypass any file or folder permissions. In other words, anyone who can reach the UI on 50070 is now able to delete any HDFS file.
Is there a way I can keep the WebHDFS UI accessible for cluster users, but prevent them from being to delete files?
Possible ideas may be somehow disable or block the DELETE hook, making the whole WebHDFS read-only or implementing some form of authentication, while keeping the UI accessible. What does the community recommend for this?
I couldn't find any previous solutions for this, so I experimented for myself and came up with the following. Sharing for other people's benefit:
What this does is change the webHDFS user to a non-existing hdfs user 'browser' (By default it seems to get supergroup user privileges).
The second property overwrites what groups the specified user gets assigned to. In this case, I overwrite the user 'browser' to not belong to any group, thus removing its supergroup privileges.
Afterwards when you check the webHDFS UI you'll still see the bin icon next to files, but if the icon is clicked the page will display a permissions error.