hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Laxman (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-6292) Compact can skip the security access control
Date Fri, 29 Jun 2012 12:07:43 GMT

    [ https://issues.apache.org/jira/browse/HBASE-6292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13403862#comment-13403862
] 

Laxman commented on HBASE-6292:
-------------------------------

yes shixing, seems to be a problem. do you have a patch for this?

I will update the matrix [HBASE-6192] accordingly.

                
> Compact can skip the security access control
> --------------------------------------------
>
>                 Key: HBASE-6292
>                 URL: https://issues.apache.org/jira/browse/HBASE-6292
>             Project: HBase
>          Issue Type: Bug
>          Components: security
>            Reporter: ShiXing
>            Assignee: ShiXing
>
> When client sends compact command to rs, the rs just create a CompactionRequest, and
then put it into the thread pool to process the CompactionRequest. And when the region do
the compact, it uses the rs's ugi to process the compact, so the compact can successfully
done.
> Example:
> user "mapred" do not have permission "Admin",
> {code}
> hbase(main):001:0> user_permission 'Security'
> User                                Table,Family,Qualifier:Permission               
                                                      
>  mapred                             Security,f1,c1: [Permission: actions=READ,WRITE]

> hbase(main):004:0> put 'Security', 'r6', 'f1:c1', 'v9'
> 0 row(s) in 0.0590 seconds
> hbase(main):005:0> put 'Security', 'r6', 'f1:c1', 'v10'
> 0 row(s) in 0.0040 seconds
> hbase(main):006:0> compact 'Security'
> 0 row(s) in 0.0260 seconds
> {code}
> Maybe we can add permission check in the preCompactSelection() ?

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message