[
https://issues.apache.org/jira/browse/PHOENIX-4529?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16323249#comment-16323249
]
Thomas D'Silva commented on PHOENIX-4529:
-----------------------------------------
When a new sequence is created we can check the hbase:acl table and see which
users have access to the namespace corresponding to the sequence schema and
grant the corresponding access for the that sequence row in SYSTEM.SEQUENCE.
Then we only need to give the user who creates sequences RWX access to the
SYSTEM.SEQUENCE table. Individual users won't be given access to
SYSTEM.SEQUENCE at the table scope, they would only have access to the
sequences in their schema. When we grant a user access on a schema/namespace
using the GRANT statement we should also grant them access to any sequences in
the schema. Revoke would work in a similar way.
> Users should only require RX access to SYSTEM.SEQUENCE table
> ------------------------------------------------------------
>
> Key: PHOENIX-4529
> URL: https://issues.apache.org/jira/browse/PHOENIX-4529
> Project: Phoenix
> Issue Type: Bug
> Reporter: Karan Mehta
>
> Currently, users don't need to have Write access to {{SYSTEM.CATALOG}} and
> other tables, since the code is run on the server side as login user. However
> for {{SYSTEM.SEQUENCE}}, write permission is still needed. This is a
> potential security concern, since it allows anyone to modify the sequences
> created by others. This JIRA is to discuss how we can improve the security of
> this table.
> Potential options include
> 1. Usage of HBase Cell Level Permissions (works only with HFile version 3 and
> above)
> 2. AccessControl at Phoenix Layer by addition of user column in the
> {{SYSTEM.SEQUENCE}} table and use it for access control (Can be error-prone
> for complex scenarios like sequence sharing)
> Please advice.
> [~tdsilva] [~jamestaylor] [~apurtell] [~an...@apache.org] [~elserj]
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
