[
https://issues.apache.org/jira/browse/HBASE-13769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Purtell reopened HBASE-13769:
------------------------------------
bq. - table/ : I think this is needed to be world readable since clients check
the table status in locate region in Connection (to check if table is disabled)
This should not be allowed. Any client API that does this can be fixed to query
meta or ask the master. Agree we can handle this as a separate case.
bq. - rs/ : ZooKeeperRegistry uses it. And my understanding is that
ConnectionImpl.getCurrentNrHRS() uses it. Seems like this should instead work
over getClusterStatus() instead of this.
This should not be allowed. Any client API that does this should be fixed to
ask the master. Also agree this can be a separate issue.
bq. - backup-masters/ : I could not find why this is needed to be
client-visible.
Let's handle on HBASE-13768
bq. - region-in-transition/ : I could not find why this is needed to be
client-visible
Let's handle on HBASE-13768
> Some ZK ACLs are unnecessarily permissive
> -----------------------------------------
>
> Key: HBASE-13769
> URL: https://issues.apache.org/jira/browse/HBASE-13769
> Project: HBase
> Issue Type: Bug
> Reporter: Andrew Purtell
> Priority: Critical
>
> Some ZK ACLs are unnecessarily permissive. We can remove permissions for
> 'world' on backup-masters/, region-in-transition/, rs/, and table/.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
