[jira] [Commented] (HBASE-11078) [AccessController] Consider new permission for "read visible"

Wed, 30 Apr 2014 12:12:28 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13985937#comment-13985937
 ] 

Andrew Purtell commented on HBASE-11078:
----------------------------------------

{quote}
Consider a new permission with the semantics "being able to read only granted 
cells", perhaps called READ_VISIBLE.
Maybe consider a symmetric new permission for writes.
{quote}
Just to clarify, we can claim the current code provides this semantic. With the 
default cell ACL evaluation strategy, in the absence of a CF or CF:qual grant - 
let's call this "CF level grant" - then the user will not be authorized to do 
anything unless the cell has an ACL that grants appropriate permissions. Or, 
with the cell-first ACL evaluation strategy, then regardless of CF level grant 
the cell must have a permission authorizing the action. The parent talks about 
having an option for an alternative to this behavior. Let's call that 
READ_INVISIBLE. Perhaps that is a poor name. Anyway, what would this look like? 
This, if granted at the CF or table level, would allow the user to see any cell 
without an ACL? That is equivalent to granting READ permission at the CF or 
table level today. Or maybe the distinction is pushed down such that it makes a 
behavioral change with respect to the cell-first ACL strategy, in which case it 
could be cells without any ACLs should grant by default instead of deny.

bq. The lack of default READ perm should prevent users from launching scanners.

We don't have this yet.

> [AccessController] Consider new permission for "read visible"
> -------------------------------------------------------------
>
>                 Key: HBASE-11078
>                 URL: https://issues.apache.org/jira/browse/HBASE-11078
>             Project: HBase
>          Issue Type: Sub-task
>            Reporter: Andrew Purtell
>             Fix For: 0.99.0
>
>
> See parent for the whole story.
> Consider a new permission with the semantics "being able to read only granted 
> cells", perhaps called READ_VISIBLE. 
> Maybe consider a symmetric new permission for writes. 
> The lack of default READ perm should prevent users from launching scanners.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to