[
https://issues.apache.org/jira/browse/AMBARI-16164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ted Yu updated AMBARI-16164:
----------------------------
Description:
Currently in secure deployment, user can request compaction / splitting through
hbase master UI.
This potentially exposes vulnerability to various attacks.
There is config parameter, hbase.master.ui.readonly, with default value of
false.
In secure deployment, Master UI should be put to readonly mode (setting the
above parameter to true).
Admin can always request compaction / splitting through hbase shell.
was:
Currently in secure deployment, user can request compaction / splitting through
hbase master UI.
This potentially exposes vulnerability to various attacks.
There is config parameter, hbase.master.ui.readonly, with default value of
false.
In secure deployment, Master UI should be put to readonly mode (setting the
above parameter to true).
> Put HBase master UI into readonly mode for secure deployment
> ------------------------------------------------------------
>
> Key: AMBARI-16164
> URL: https://issues.apache.org/jira/browse/AMBARI-16164
> Project: Ambari
> Issue Type: Improvement
> Reporter: Ted Yu
>
> Currently in secure deployment, user can request compaction / splitting
> through hbase master UI.
> This potentially exposes vulnerability to various attacks.
> There is config parameter, hbase.master.ui.readonly, with default value of
> false.
> In secure deployment, Master UI should be put to readonly mode (setting the
> above parameter to true).
> Admin can always request compaction / splitting through hbase shell.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
