[
https://issues.apache.org/jira/browse/HBASE-10823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13970285#comment-13970285
]
Hudson commented on HBASE-10823:
--------------------------------
SUCCESS: Integrated in HBase-0.98 #279 (See
[https://builds.apache.org/job/HBase-0.98/279/])
HBASE-10823 Resolve LATEST_TIMESTAMP to current server time before scanning for
ACLs (apurtell: rev 1587653)
*
/hbase/branches/0.98/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
*
/hbase/branches/0.98/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
*
/hbase/branches/0.98/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestCellACLWithMultipleVersions.java
*
/hbase/branches/0.98/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestCellACLs.java
> Resolve LATEST_TIMESTAMP to current server time before scanning for ACLs
> ------------------------------------------------------------------------
>
> Key: HBASE-10823
> URL: https://issues.apache.org/jira/browse/HBASE-10823
> Project: HBase
> Issue Type: Improvement
> Affects Versions: 0.98.1
> Reporter: Andrew Purtell
> Assignee: Andrew Purtell
> Priority: Minor
> Fix For: 0.99.0, 0.98.2
>
> Attachments: HBASE-10823.patch, HBASE-10823.patch, HBASE-10823.patch,
> test.patch
>
>
> Storing values with timestamps in the future is probably bad practice and can
> lead to surprises. If cells with timestamps in the future have ACLs,
> permissions from those ACLs will incorrectly be considered for authorizing
> the pending mutation. For sure that will be surprising.
> We should be able to avoid this case by resolving LATEST_TIMESTAMP to the
> current server time when creating the internal scanner for finding ACLs in
> the covered cell set.
> Documenting a todo item from a discussion between [~anoop.hbase] and myself.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
