hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-19483) Add proper privilege check for rsgroup commands
Date Thu, 14 Dec 2017 20:20:00 GMT

    [ https://issues.apache.org/jira/browse/HBASE-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16291539#comment-16291539
] 

Andrew Purtell commented on HBASE-19483:
----------------------------------------

So after the proposed refactor, the AccessController and RSGroupAdminEndpoint would utilize
some common code for representing ACLs and storing and retrieving the grants? 

After doing that refactor could we move the bulk load hooks out to the secure bulk load endpoint?


I like it

> Add proper privilege check for rsgroup commands
> -----------------------------------------------
>
>                 Key: HBASE-19483
>                 URL: https://issues.apache.org/jira/browse/HBASE-19483
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Guangxu Cheng
>             Fix For: 1.4.1, 1.5.0, 2.0.0-beta-1
>
>         Attachments: HBASE-19483.master.001.patch, HBASE-19483.master.002.patch, HBASE-19483.master.003.patch
>
>
> Currently list_rsgroups command can be executed by any user.
> This is inconsistent with other list commands such as list_peers and list_peer_configs.
> We should add proper privilege check for list_rsgroups command.
> privilege check should be added for get_table_rsgroup / get_server_rsgroup / get_rsgroup
commands.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message