[jira] [Commented] (HBASE-19483) Add proper privilege check for rsgroup commands

Ted Yu (JIRA) Wed, 13 Dec 2017 09:50:13 -0800

    [ 
https://issues.apache.org/jira/browse/HBASE-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16289620#comment-16289620
 ]


Ted Yu commented on HBASE-19483:
--------------------------------

[~apurtell]:
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
 in 1.4 has rs group related hooks.
So the above discussion applies there as well.

FYI

> Add proper privilege check for rsgroup commands
> -----------------------------------------------
>
>                 Key: HBASE-19483
>                 URL: https://issues.apache.org/jira/browse/HBASE-19483
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Guangxu Cheng
>             Fix For: 2.0.0-beta-1
>
>         Attachments: HBASE-19483.master.001.patch, 
> HBASE-19483.master.002.patch, HBASE-19483.master.003.patch
>
>
> Currently list_rsgroups command can be executed by any user.
> This is inconsistent with other list commands such as list_peers and 
> list_peer_configs.
> We should add proper privilege check for list_rsgroups command.
> privilege check should be added for get_table_rsgroup / get_server_rsgroup / 
> get_rsgroup commands.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (HBASE-19483) Add proper privilege check for rsgroup commands

Reply via email to