[
https://issues.apache.org/jira/browse/HBASE-13771?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Purtell updated HBASE-13771:
-----------------------------------
Description:
Replication client actions set and modify znodes directly. This is legacy from
an era before we had the AccessController available and missing coverage of
admin action in our security model.
All replication client actions should be mediated by the master, and hooked up
to the coprocessor framework for use by the AccessController. After adding this
functionality we should should restrict access to replication znodes to only
the HBase service principal, but provide a configuration option to relax those
permissions for as long as older admin clients are in use (with a stern
suggestion to upgrade ASAP). This type of functional change, with optional
backwards compatibility, should be fine for all branches.
was:
Replication client actions set and modify znodes directly. This is legacy from
an era before we had the AccessController available and missing coverage of
admin action in our security model.
All replication client actions should all be mediated by the master, and hooked
up to the coprocessor framework for use by the AccessController. After adding
this functionality we should should restrict access to replication znodes to
only the HBase service principal, but provide a configuration option to relax
those permissions for as long as older admin clients are in use (with a stern
suggestion to upgrade ASAP). This type of functional change, with optional
backwards compatibility, should be fine for all branches.
> Replication clients should not access zookeeper directly
> --------------------------------------------------------
>
> Key: HBASE-13771
> URL: https://issues.apache.org/jira/browse/HBASE-13771
> Project: HBase
> Issue Type: Improvement
> Affects Versions: 2.0.0, 1.0.1, 1.1.0, 0.98.12, 1.2.0
> Reporter: Andrew Purtell
> Priority: Critical
>
> Replication client actions set and modify znodes directly. This is legacy
> from an era before we had the AccessController available and missing coverage
> of admin action in our security model.
> All replication client actions should be mediated by the master, and hooked
> up to the coprocessor framework for use by the AccessController. After adding
> this functionality we should should restrict access to replication znodes to
> only the HBase service principal, but provide a configuration option to relax
> those permissions for as long as older admin clients are in use (with a stern
> suggestion to upgrade ASAP). This type of functional change, with optional
> backwards compatibility, should be fine for all branches.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
