[
https://issues.apache.org/jira/browse/HBASE-19093?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16259448#comment-16259448
]
Chia-Ping Tsai edited comment on HBASE-19093 at 11/20/17 4:36 PM:
------------------------------------------------------------------
bq. Currently the test does not check the implemented methods of RegionObserver
interface, because it contains lots of methods which are not important for
security checks. What do you think about it?
Could we have a list of methods which should be not in access control in the
test case? Or we can introduce an *annotation* to denotes the hooks which need
to be authorized.
was (Author: chia7712):
bq. Currently the test does not check the implemented methods of RegionObserver
interface, because it contains lots of methods which are not important for
security checks. What do you think about it?
Could we have a list of methods which should be not in access control in the
test case? Or we can introduce a *annotation* to denotes the hooks which need
to be authorized.
> Check Admin/Table to ensure all operations go via AccessControl
> ---------------------------------------------------------------
>
> Key: HBASE-19093
> URL: https://issues.apache.org/jira/browse/HBASE-19093
> Project: HBase
> Issue Type: Sub-task
> Reporter: stack
> Assignee: Balazs Meszaros
> Priority: Blocker
> Fix For: 2.0.0-beta-1
>
> Attachments: HBASE-19093.master.001.patch
>
>
> A cursory review of Admin Interface has a bunch of methods as open, with out
> AccessControl checks. For example, procedure executor has not check on it.
> This issue is about given the Admin and Table Interfaces a once-over to see
> what is missing and to fill in access control where missing.
> This is a follow-on from work over in HBASE-19048
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
