[jira] [Updated] (HBASE-15132) Master region merge RPC should authorize user request

Ted Yu (JIRA) Sat, 23 Jan 2016 07:48:06 -0800

     [ 
https://issues.apache.org/jira/browse/HBASE-15132?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ted Yu updated HBASE-15132:
---------------------------
     Hadoop Flags: Reviewed
    Fix Version/s: 1.3.0
                   2.0.0

> Master region merge RPC should authorize user request
> -----------------------------------------------------
>
>                 Key: HBASE-15132
>                 URL: https://issues.apache.org/jira/browse/HBASE-15132
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Ted Yu
>             Fix For: 2.0.0, 1.3.0
>
>         Attachments: HBASE-15132-branch-1.v6.patch, HBASE-15132.v1.patch, 
> HBASE-15132.v2.patch, HBASE-15132.v4.patch, HBASE-15132.v5.patch, 
> HBASE-15132.v6.patch, HBASE-15132.v7.patch, HBASE-15132.v8.patch
>
>
> The normal flow for region merge is:
> 1. client sends a master RPC for dispatch merge regions
> 2. master moves the regions to the same regionserver
> 3. master calls mergeRegions RPC on the regionserver. 
> For user initiated region merge, MasterRpcServices#dispatchMergingRegions() 
> is called by HBaseAdmin.
> There is no coprocessor invocation in step 1.
> Step 3 is carried out in the "hbase" user context.
> This leaves potential security hole - any user without proper authorization 
> can merge regions of any table.
> Thanks to Enis who spotted this flaw first.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (HBASE-15132) Master region merge RPC should authorize user request

Reply via email to