[
https://issues.apache.org/jira/browse/HBASE-11043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13978340#comment-13978340
]
Andrew Purtell commented on HBASE-11043:
----------------------------------------
Because the metadata can carry arbitrary attributes, including such things as a
data encryption key, or something sensitive placed there by the admin or
application.
> Users with table's read/write permission can't get table's description
> ----------------------------------------------------------------------
>
> Key: HBASE-11043
> URL: https://issues.apache.org/jira/browse/HBASE-11043
> Project: HBase
> Issue Type: Bug
> Components: security
> Affects Versions: 0.99.0
> Reporter: Liu Shaohui
> Priority: Minor
> Attachments: HBASE-11043-trunk-v1.diff
>
>
> AccessController#preGetTableDescriptors only allow users with admin or create
> permission to get table's description.
> {quote}
> requirePermission("getTableDescriptors", nameAsBytes, null, null,
> Permission.Action.ADMIN, Permission.Action.CREATE);
> {quote}
> I think Users with table's read/write permission should also be able to get
> table's description.
> Eg: when create a hive table on HBase, hive will get the table description
> to check if the mapping is right. Usually the hive users only have the read
> permission of table.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
