hbase-dev mailing list archives

From Misty Stanley-Jones <mi...@apache.org>
Subject Re: Critical security related notice for releases containing HBASE-19483 (1.4.1, 1.5.0, 2.0.0)
Date Fri, 23 Feb 2018 00:38:53 GMT
Thanks, Appy. Big thanks for making sure this change was documented during
the patch review, as well! It seems maybe this notice should have gone to
the users@ list, as well.

On Thu, Feb 22, 2018 at 4:02 PM Apekshit Sharma <appy@cloudera.com> wrote:

> Default value for hbase.security.authorization has been changed from true
> to false. Secured clusters should make sure to explicitly set it to true in
> XML configuration file before upgrading to one of these versions. (
> https://issues.apache.org/jira/browse/HBASE-19483)
>
> True as default value of hbase.security.authorization doesn't make any
> sense, since not all clusters need authorization. (History: HBASE-13275
> <https://issues.apache.org/jira/browse/HBASE-13275>) Rather, only the
> clusters which need authorization should set this config as false. Going
> further, setting this config should be a single switch to enable/disable
> authorization, conditional on appropriate coprocessors loaded (a condition
> we'll try to remove in future by incorporating access control directly into
> hbase as a core feature rather than as a coprocessor).
>
> -- Appy
>
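
A pre-upgrade check for the condition described in the notice above, as an added example that is not part of the original thread or of HBase itself: it reads an hbase-site.xml and reports whether `hbase.security.authorization` is set explicitly rather than inherited from the default. Assumptions: the function names and sample XML are constructed for illustration, and the "appropriate coprocessors" are taken to be HBase's `AccessController` loaded through the master and region coprocessor properties, which the thread does not name.

```python
import xml.etree.ElementTree as ET

AUTHZ_KEY = "hbase.security.authorization"
# Assumption: the "appropriate coprocessors" are HBase's AccessController,
# loaded through these two standard properties.
ACCESS_CONTROLLER = "org.apache.hadoop.hbase.security.access.AccessController"
COPROC_KEYS = ("hbase.coprocessor.master.classes",
               "hbase.coprocessor.region.classes")

def load_properties(xml_text):
    """Parse Hadoop-style <configuration> XML into {name: value}."""
    props = {}
    for prop in ET.fromstring(xml_text).iter("property"):
        name = (prop.findtext("name") or "").strip()
        if name:
            props[name] = (prop.findtext("value") or "").strip()
    return props

def audit(xml_text):
    """Return a list of findings; an empty list means the file is explicit."""
    props = load_properties(xml_text)
    findings = []
    value = props.get(AUTHZ_KEY)
    if value is None:
        findings.append(f"{AUTHZ_KEY} is not set: the cluster will take the "
                        "new default (false) after the upgrade")
    elif value.lower() != "true":
        findings.append(f"{AUTHZ_KEY} is explicitly '{value}': authorization is off")
    for key in COPROC_KEYS:
        classes = [c.strip() for c in props.get(key, "").split(",")]
        if ACCESS_CONTROLLER not in classes:
            findings.append(f"{key} does not load AccessController")
    return findings

def site_xml(extra=""):
    """Constructed sample hbase-site.xml with both coprocessors configured."""
    coproc = "".join(
        f"<property><name>{k}</name><value>{ACCESS_CONTROLLER}</value></property>"
        for k in COPROC_KEYS)
    return f"<configuration>{coproc}{extra}</configuration>"

# Constructed inputs: relies on the old default vs. sets the switch explicitly.
IMPLICIT = site_xml()
EXPLICIT = site_xml(f"<property><name>{AUTHZ_KEY}</name><value>true</value></property>")

if __name__ == "__main__":
    for label, xml_text in (("implicit", IMPLICIT), ("explicit", EXPLICIT)):
        print(label, audit(xml_text) or "OK")
```

The check looks only at the site file it is given, so run it against the hbase-site.xml that each master and region server actually loads.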
