How granular is access control on HDFS for unstructured data?

I am looking for any piece of technical paper explaining how access control is conducted on unstructured data ingested by HDFS.

Can the granularity level be smaller than POSIX-ish file permissions?
Similarly, how would products like RecordService (from Cloudera), which provide an abstraction layer for security on storage components, work on unstructured data?

For instance, if I have a very big emails archive file (more than a terabyte), would I be able to specify a more fine-grained ACL than one on the entire file itself? I am thinking about email headers, etc.

Solution

The granularity supported is to the row and column levels. See details.
Presently, for RecordService to work, your data must be organized as Hive Metastore tables. In the future, RecordService may infer structure/schema from the files themselves (but, not the case today).

Hive Always Fails at Mapreduce
Hql query through using YARN APPLICATION ID
Unable to run hadoop application due to NoClassDefFoundError
Hadoop on Windows - "Error JAVA_HOME is incorrectly set."
Ports are not available: listen tcp 0.0.0.0/50070: bind: An attempt was made to access a socket in a way forbidden by its access permissions
Confusion between Operational and Analytical Big Data and on which category Hadoop operates?
Any command to get active namenode for nameservice in hadoop?
Datanode process not running in Hadoop
Python read file as stream from HDFS
What is the purpose of "uber mode" in hadoop?
Change block size of dfs file
Map Reduce Job Failing with OOM [org.apache.hadoop.mapreduce.v2.app.MRAppMaster: Error starting MRAppMaster]
Unable to access Hadoop CLI after enabling Kerberos
How to check if Hadoop daemons are running?
hive -e with delimiter
Does mapreduce program consumes all the files (input dataset) in a folder by default?
Upgrading hadoop to 3.1.2 with hbase-testing-utility 2.2.3
How to understand the result of yarn queue status
Spark: what options can be passed with DataFrame.saveAsTable or DataFrameWriter.options?
Ambari 2.0 installation fails, "<urlopen error [Errno 111] Connection refused>"
Getting java.lang.UnsatisfiedLinkError when trying to run my Code
Hadoop HDFS - Difference between Missing replica and Under replicated blocks
Datanode having trouble with JVM pausing
Apache Crunch Job On AWS EMR using Oozie
How to turn off INFO logging in Spark?
run hadoop ERROR: JAVA_HOME /usr/bin/java does not exist
Hadoop start-all.cmd command : datanode shutting down
MacOS Unable to load native-hadoop library for your platform... using builtin-java classes where applicable
Hadoop - namenode is not starting up
how t restore a hdfs deleted file