[
https://issues.apache.org/jira/browse/HBASE-11136?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14126541#comment-14126541
]
Enis Soztutar commented on HBASE-11136:
---------------------------------------
This looks important to fix.
postRollWALWriter() is not called from the RS. Also the name
pre/postRollWALWriter() implies that they are called from RS normally (for all
WAL rolling), but these are just for log roll requests. we should name them
postRollWALWriterRequest() I think.
Other than that, the patch looks good. [~apurtell] it would be good if you took
a look.
> Add permission check to roll WAL writer
> ----------------------------------------
>
> Key: HBASE-11136
> URL: https://issues.apache.org/jira/browse/HBASE-11136
> Project: HBase
> Issue Type: Improvement
> Components: regionserver, security
> Affects Versions: 0.96.2, 0.98.2
> Reporter: Jerry He
> Assignee: Jerry He
> Priority: Minor
> Fix For: 0.99.0
>
> Attachments: HBASE-11136-trunk-v1.patch
>
>
> Currently HBase provides HBaseAdmin.rollHLogWriter() and shell command to
> roll WAL on a region server. But no permission check is done on this
> operation in a secure cluster.
> We need to add permission check to prevent un-authorized user from running
> this operation.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
