hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-13780) Default to 700 for HDFS root dir permissions for secure deployments
Date Thu, 28 May 2015 00:49:24 GMT

    [ https://issues.apache.org/jira/browse/HBASE-13780?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14562106#comment-14562106
] 

Hudson commented on HBASE-13780:
--------------------------------

FAILURE: Integrated in HBase-0.98 #1006 (See [https://builds.apache.org/job/HBase-0.98/1006/])
HBASE-13780 Default to 700 for HDFS root dir permissions for secure deployments (Enis Soztutar)
(apurtell: rev 090d89f749ddaa4e3b3089d3b8715f9f2f038bc4)
* hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterFileSystem.java
* hbase-common/src/main/resources/hbase-default.xml
* src/main/asciidoc/_chapters/security.adoc


> Default to 700 for HDFS root dir permissions for secure deployments
> -------------------------------------------------------------------
>
>                 Key: HBASE-13780
>                 URL: https://issues.apache.org/jira/browse/HBASE-13780
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Enis Soztutar
>            Assignee: Enis Soztutar
>             Fix For: 2.0.0, 0.98.13, 1.0.2, 1.2.0, 1.1.1
>
>         Attachments: HBASE-13780-0.98.patch, hbase-13780_v1.patch
>
>
> Secure mode deployments should protect the files under HDFS root dir. We should check
and set the root dirs permissions on a kerberos setup so that users does not have to. 
> We have {{hbase.data.umask.enable}} and {{hbase.data.umask}} for data files, but those
are not that useful since we should protect dir listing, and access to WAL files, snapshot
files, etc. 
> See HBASE-13768 which has an integration test for this. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message