hbase-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Srikanth Srungarapu <srikanth...@gmail.com>
Subject regarding secure read accesses in 0.98
Date Tue, 23 Sep 2014 23:39:26 GMT
Hi Folks,
I noticed that withing 0.98 branch, the behavior of read accesses depends
on hfile versions. If the user decides to use HFile V3 instead of HFile V2,
then the read actions in case of access denied case start returning 0 rows
instead of throwing AccessDenied exception. Ted mentioned yesterday that
some work has been done in this direction [1], where a flag
"hbase.security.access.early_
out" was provided to the user for restoring the previous behavior. But,
this flag does make sense only in the context of user switching to HFile
V3.  Is it a better idea to get rid of this dependency on file versions and
present users with a single knob for switching behavior? Or can we do
something about making this more consistent, may be not immediately, but
for 1.0?
Thanks,
Srikanth.

References:
[1] https://issues.apache.org/jira/browse/HBASE-11070

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message