hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-19483) Add proper privilege check for rsgroup commands
Date Thu, 14 Dec 2017 20:20:00 GMT

    [ https://issues.apache.org/jira/browse/HBASE-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16291539#comment-16291539

Andrew Purtell commented on HBASE-19483:

So after the proposed refactor, the AccessController and RSGroupAdminEndpoint would utilize
some common code for representing ACLs and storing and retrieving the grants? 

After doing that refactor could we move the bulk load hooks out to the secure bulk load endpoint?

I like it

> Add proper privilege check for rsgroup commands
> -----------------------------------------------
>                 Key: HBASE-19483
>                 URL: https://issues.apache.org/jira/browse/HBASE-19483
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Guangxu Cheng
>             Fix For: 1.4.1, 1.5.0, 2.0.0-beta-1
>         Attachments: HBASE-19483.master.001.patch, HBASE-19483.master.002.patch, HBASE-19483.master.003.patch
> Currently list_rsgroups command can be executed by any user.
> This is inconsistent with other list commands such as list_peers and list_peer_configs.
> We should add proper privilege check for list_rsgroups command.
> privilege check should be added for get_table_rsgroup / get_server_rsgroup / get_rsgroup

This message was sent by Atlassian JIRA

View raw message