[
https://issues.apache.org/jira/browse/HBASE-13768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14560053#comment-14560053
]
Hadoop QA commented on HBASE-13768:
-----------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12735418/HBASE-13768_v3.patch
against master branch at commit c8c23cc3183735b02e9f43bf7115d9ce3cd2a880.
ATTACHMENT ID: 12735418
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 4 new
or modified tests.
{color:green}+1 hadoop versions{color}. The patch compiles with all
supported hadoop versions (2.4.1 2.5.2 2.6.0)
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 protoc{color}. The applied patch does not increase the
total number of protoc compiler warnings.
{color:red}-1 javadoc{color}. The javadoc tool appears to have generated 1
warning messages.
{color:green}+1 checkstyle{color}. The applied patch does not increase the
total number of checkstyle errors
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 2.0.3) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 lineLengths{color}. The patch does not introduce lines
longer than 100
{color:green}+1 site{color}. The mvn site goal succeeds with this patch.
{color:red}-1 core tests{color}. The patch failed these unit tests:
org.apache.hadoop.hbase.zookeeper.TestZooKeeperWatcher
Test results:
https://builds.apache.org/job/PreCommit-HBASE-Build/14189//testReport/
Release Findbugs (version 2.0.3) warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/14189//artifact/patchprocess/newFindbugsWarnings.html
Checkstyle Errors:
https://builds.apache.org/job/PreCommit-HBASE-Build/14189//artifact/patchprocess/checkstyle-aggregate.html
Javadoc warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/14189//artifact/patchprocess/patchJavadocWarnings.txt
Console output:
https://builds.apache.org/job/PreCommit-HBASE-Build/14189//console
This message is automatically generated.
> ZooKeeper znodes are bootstrapped with insecure ACLs in a secure configuration
> ------------------------------------------------------------------------------
>
> Key: HBASE-13768
> URL: https://issues.apache.org/jira/browse/HBASE-13768
> Project: HBase
> Issue Type: Bug
> Reporter: Andrew Purtell
> Assignee: Enis Soztutar
> Priority: Blocker
> Fix For: 2.0.0, 0.98.13, 1.0.2, 1.2.0, 1.1.1, 0.98.12.1, 1.0.1.1,
> 1.1.0.1
>
> Attachments: HBASE-13768_v1.patch, HBASE-13768_v2.patch,
> HBASE-13768_v3.patch
>
>
> A logic error causes HBase in most secure configuration deployments to handle
> its coordination state in ZooKeeper via insecure ACLs. Anyone with remote
> unauthenticated network access to the ZooKeeper quorum, which by definition
> includes all HBase clients, can make use of this opening to violate the
> operational integrity of the system. For example, critical znodes can be
> deleted, causing outages. It is possible to introduce rogue replication
> endpoints. It is possible to direct the distributed log splitting facility to
> split arbitrary files in HDFS.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
