[jira] [Updated] (HBASE-13336) Consistent rules for security meta table protections

Andrew Purtell (JIRA) Thu, 16 Jun 2016 18:06:51 -0700

     [ 
https://issues.apache.org/jira/browse/HBASE-13336?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Andrew Purtell updated HBASE-13336:
-----------------------------------
    Fix Version/s:     (was: 0.98.21)
                       (was: 1.3.0)

> Consistent rules for security meta table protections
> ----------------------------------------------------
>
>                 Key: HBASE-13336
>                 URL: https://issues.apache.org/jira/browse/HBASE-13336
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Andrew Purtell
>            Assignee: Mikhail Antonov
>             Fix For: 2.0.0
>
>         Attachments: HBASE-13336.patch, HBASE-13336_v2.patch
>
>
> The AccessController and VisibilityController do different things regarding 
> protecting their meta tables. The AC allows schema changes and disable/enable 
> if the user has permission. The VC unconditionally disallows all admin 
> actions. Generally, bad things will happen if these meta tables are damaged, 
> disabled, or dropped. The likely outcome is random frequent (or constant) 
> server side op failures with nasty stack traces. On the other hand some 
> things like column family and table attribute changes can have valid use 
> cases. We should have consistent and sensible rules for protecting security 
> meta tables.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (HBASE-13336) Consistent rules for security meta table protections

Reply via email to