accumulo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Edmon Begoli (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-246) Improve scan authorizations behavior
Date Mon, 06 Aug 2012 15:32:03 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13429197#comment-13429197
] 

Edmon Begoli commented on ACCUMULO-246:
---------------------------------------

I would make the behavior of accumulo on this configurable. 
In some cases, security posture may prefer no messages of any kind so that scanning by malicious
user does not give any hints if the data is there, if the authorizations are correct.
We might also want to consider some form of auditing, lockup feature for continuing failed
attempts.

In other circumstances, we want to have an exception or a warning.

I therefore propose we have three levels - silent, warning, error, lock.
I am also willing to participate in implementation with appropriate guidance. 
                
> Improve scan authorizations behavior
> ------------------------------------
>
>                 Key: ACCUMULO-246
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-246
>             Project: Accumulo
>          Issue Type: Task
>          Components: client
>            Reporter: Billie Rinaldi
>              Labels: authorization, scan
>             Fix For: 1.5.0
>
>
> When a user creates a scanner a set of Authorizations is passed.  If the authorizations
passed to the scanner are not a subset of the user's authorizations, then an exception is
thrown.  An alternative would be to intersect the set of scan authorizations with the user's
authorizations.  Many users have had trouble understanding the "silent intersection" behavior,
which resulted in switching to throwing an Exception.  However, in situations where the user's
authorizations are lazily updated, and for very long running scans, intersection would be
preferable.  Possible fixes are 1) adding a flag to indicate whether to intersect or throw
an exception or 2) making it easier for the user to perform the intersection manually (which
would fix some issues, but not the long-running scans).

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message