[
https://issues.apache.org/jira/browse/HBASE-13336?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14944245#comment-14944245
]
Mikhail Antonov commented on HBASE-13336:
-----------------------------------------
As it seems to be intended in this patch (and what looks logical), we want to
have each of 2 controllers (AC and VC) to cross-check both security tables,
right? I.e. if only AC is installed, it should still check operations against
both tables and vice versa, if both are installed, each checks both tables.
[~apurtell] thoughts?
> Consistent rules for security meta table protections
> ----------------------------------------------------
>
> Key: HBASE-13336
> URL: https://issues.apache.org/jira/browse/HBASE-13336
> Project: HBase
> Issue Type: Improvement
> Reporter: Andrew Purtell
> Assignee: Mikhail Antonov
> Fix For: 2.0.0, 1.3.0, 0.98.16
>
> Attachments: HBASE-13336.patch, HBASE-13336_v2.patch
>
>
> The AccessController and VisibilityController do different things regarding
> protecting their meta tables. The AC allows schema changes and disable/enable
> if the user has permission. The VC unconditionally disallows all admin
> actions. Generally, bad things will happen if these meta tables are damaged,
> disabled, or dropped. The likely outcome is random frequent (or constant)
> server side op failures with nasty stack traces. On the other hand some
> things like column family and table attribute changes can have valid use
> cases. We should have consistent and sensible rules for protecting security
> meta tables.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
