hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Liu Shaohui (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-11300) Wrong permission check for checkAndPut in AccessController
Date Tue, 10 Jun 2014 13:47:02 GMT

    [ https://issues.apache.org/jira/browse/HBASE-11300?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14026445#comment-14026445
] 

Liu Shaohui commented on HBASE-11300:
-------------------------------------

This issue is invalid. Someone help to close it ?

> Wrong permission check for checkAndPut in AccessController
> ----------------------------------------------------------
>
>                 Key: HBASE-11300
>                 URL: https://issues.apache.org/jira/browse/HBASE-11300
>             Project: HBase
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.99.0
>            Reporter: Liu Shaohui
>            Assignee: Liu Shaohui
>            Priority: Minor
>
> For the checkAndPut operation, the AccessController only checks the read and write permission
for the family and qualifier to check, but ignores the write permission for the family map
of "put". What's more,  we don't need the write permission for the family and qualifier to
check.
> See the code AccessController.java #1538
> {code}
>     Map<byte[],? extends Collection<byte[]>> families = makeFamilyMap(family,
qualifier);
>     User user = getActiveUser();
>     AuthResult authResult = permissionGranted(OpType.CHECK_AND_PUT, user, env, families,
>       Action.READ, Action.WRITE);
> {code}
> Same problem for checkAndDelete operation.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message