hbase-issues mailing list archives

From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-11434) [AccessController] Disallow inbound cells with reserved tags
Date Fri, 04 Jul 2014 05:17:34 GMT

    [ https://issues.apache.org/jira/browse/HBASE-11434?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14052174#comment-14052174 ]

Hudson commented on HBASE-11434:
--------------------------------

SUCCESS: Integrated in HBase-0.98 #374 (See [https://builds.apache.org/job/HBase-0.98/374/])
HBASE-11434 [AccessController] Disallow inbound cells with reserved tags (apurtell: rev 54c186b42c3c77248783d2c3d9181c12e7b06802)
* hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java


> [AccessController] Disallow inbound cells with reserved tags
> ------------------------------------------------------------
>
>                 Key: HBASE-11434
>                 URL: https://issues.apache.org/jira/browse/HBASE-11434
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>             Fix For: 0.99.0, 0.98.4
>
>         Attachments: HBASE-11434.patch, HBASE-11434.patch, HBASE-11434.patch, HBASE-11434.patch
>
>
> The AccessController allows users to store cells with ACL tags encoded by the client. This isn't a security issue currently, because in order to store the cell the user must have a relevant WRITE grant, and the user is allowed to specify whatever ACL for the cell they'd like. However, it could become a correctness problem in the future, if we introduce format sanity checking or the like, so let's disallow inbound mutations containing cells with reserved tags like the VisibilityController does.
> The check is skipped if the active user is a superuser. First, superusers are allowed to do anything. Second, replication (as superuser) must be able to store incoming cells with ACL tags.



--
This message was sent by Atlassian JIRA
(v6.2#6252)
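
A minimal model of the rule described in the issue, as an added example that is not the HBASE-11434 patch or HBase code. The `Tag`, `Cell` and `User` types, the tag type values and the method names are hypothetical stand-ins, and the code assumes Java 16 or later for records.

```java
import java.util.List;
import java.util.Set;

// Model of the HBASE-11434 rule. All types and tag values are hypothetical, not HBase classes.
public class ReservedTagCheck {
    static final byte ACL_TAG = 1, VISIBILITY_TAG = 2, APP_TAG = 64; // constructed values
    static final Set<Byte> RESERVED = Set.of(ACL_TAG, VISIBILITY_TAG);

    record Tag(byte type, byte[] value) {}
    record Cell(String row, List<Tag> tags) {}
    record User(String name, boolean superuser) {}

    static class AccessDeniedException extends Exception {
        AccessDeniedException(String msg) { super(msg); }
    }

    // Runs server-side before the mutation is applied; throws on the first reserved tag.
    static void checkForReservedTags(User user, List<Cell> mutation) throws AccessDeniedException {
        if (user.superuser()) {
            return; // superusers (including replication) may store cells that carry ACL tags
        }
        for (Cell cell : mutation) {
            for (Tag tag : cell.tags()) {
                if (RESERVED.contains(tag.type())) {
                    throw new AccessDeniedException("user " + user.name() + ": row " + cell.row()
                        + " carries reserved tag type " + tag.type());
                }
            }
        }
    }

    static String attempt(User user, List<Cell> mutation) {
        try {
            checkForReservedTags(user, mutation);
            return "accepted";
        } catch (AccessDeniedException e) {
            return "rejected (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) {
        List<Cell> plain = List.of(new Cell("r1", List.of(new Tag(APP_TAG, new byte[] {1}))));
        List<Cell> withAcl = List.of(new Cell("r2", List.of(new Tag(ACL_TAG, new byte[] {0x0a}))));
        User alice = new User("alice", false);
        User replication = new User("replication", true);
        System.out.println("alice, application tag: " + attempt(alice, plain));
        System.out.println("alice, ACL tag: " + attempt(alice, withAcl));
        System.out.println("replication, ACL tag: " + attempt(replication, withAcl));
    }
}
```

The superuser branch is the part to audit in any real deployment of such a rule, since every identity that reaches it bypasses the tag check entirely.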
