[
https://issues.apache.org/jira/browse/HBASE-13336?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14940897#comment-14940897
]
Mikhail Antonov commented on HBASE-13336:
-----------------------------------------
Since I reviewed the first patch, let me pick this one up..
> Consistent rules for security meta table protections
> ----------------------------------------------------
>
> Key: HBASE-13336
> URL: https://issues.apache.org/jira/browse/HBASE-13336
> Project: HBase
> Issue Type: Improvement
> Reporter: Andrew Purtell
> Fix For: 2.0.0, 1.3.0, 0.98.16
>
> Attachments: HBASE-13336.patch, HBASE-13336_v2.patch
>
>
> The AccessController and VisibilityController do different things regarding
> protecting their meta tables. The AC allows schema changes and disable/enable
> if the user has permission. The VC unconditionally disallows all admin
> actions. Generally, bad things will happen if these meta tables are damaged,
> disabled, or dropped. The likely outcome is random frequent (or constant)
> server side op failures with nasty stack traces. On the other hand some
> things like column family and table attribute changes can have valid use
> cases. We should have consistent and sensible rules for protecting security
> meta tables.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
