[ https://issues.apache.org/jira/browse/PHOENIX-4529?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16353292#comment-16353292 ]
Thomas D'Silva commented on PHOENIX-4529: ----------------------------------------- [~jamestaylor] If we have tenant specific sequences will they be in the same region as the global sequences of the same schema using our previous implementation of MetaDataSplitPolicy? It wasn't clear looking at the code. If so I think we can use this policy and rely on locking these rows. [~karanmehta93] Good point, we will have to handle the initial creation of sequences for users that don't have write access at the table or namespace/schema scope. We could handle this on the server side similar to how its currently handled for SYSTEM.CATALOG in MetadataEndpointImpl using User.runAsLoginUser. [~apurtell] Instead of using cell-level acls, we could implement our own AccessController that wraps the {{checkCoveringPermission()}} and {{internalPreRead()}} methods of AccessController. For SYSTEM.SEQUENCE we could validate that the user has access by extracting the schema name of the sequence from the rowkey. We wouldn't have to re-write cell acls whenever a permission is granted or revoked to a user. > Users should only require RX access to SYSTEM.SEQUENCE table > ------------------------------------------------------------ > > Key: PHOENIX-4529 > URL: https://issues.apache.org/jira/browse/PHOENIX-4529 > Project: Phoenix > Issue Type: Bug > Reporter: Karan Mehta > Assignee: Thomas D'Silva > Priority: Major > > Currently, users don't need to have Write access to {{SYSTEM.CATALOG}} and > other tables, since the code is run on the server side as login user. However > for {{SYSTEM.SEQUENCE}}, write permission is still needed. This is a > potential security concern, since it allows anyone to modify the sequences > created by others. This JIRA is to discuss how we can improve the security of > this table. > Potential options include > 1. Usage of HBase Cell Level Permissions (works only with HFile version 3 and > above) > 2. AccessControl at Phoenix Layer by addition of user column in the > {{SYSTEM.SEQUENCE}} table and use it for access control (Can be error-prone > for complex scenarios like sequence sharing) > Please advice. > [~tdsilva] [~jamestaylor] [~apurtell] [~an...@apache.org] [~elserj] -- This message was sent by Atlassian JIRA (v7.6.3#76005)