[
https://issues.apache.org/jira/browse/HBASE-11077?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13986112#comment-13986112
]
Enis Soztutar commented on HBASE-11077:
---------------------------------------
Sorry i missed this, was following the parent jira.
bq. This setting is AccessControlConstants.CF_ATTRIBUTE_EARLY_OUT
("hbase.security.access.early_out"), a boolean. Set to "true" for backwards
compatible behavior.
I think early_out should be set to true by default, so that it is least
surprise to the admin. Otherwise, she has to know about this particular
configuration option, and turn this on. In the other case, where you would not
have perm to table, but some specific cells, then it is fine to require and
explicit parameter. It should not be a common use case.
Did you stop pursuing the READ_INVISIBLE priv aproach?
> [AccessController] Restore compatible early-out access denial
> -------------------------------------------------------------
>
> Key: HBASE-11077
> URL: https://issues.apache.org/jira/browse/HBASE-11077
> Project: HBase
> Issue Type: Sub-task
> Reporter: Andrew Purtell
> Assignee: Andrew Purtell
> Priority: Critical
> Fix For: 0.99.0, 0.98.2
>
> Attachments: HBASE-11077.patch, HBASE-11077.patch, HBASE-11077.patch,
> HBASE-11077.patch
>
>
> See parent for the whole story.
> For 0.98, to start, just put back the early out that was removed in 0.98.0
> and allow it to be overridden with a table attribute.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
