[jira] [Updated] (HBASE-19634) Add permission check for executeProcedures in AccessController

Duo Zhang (JIRA) Tue, 02 Jan 2018 02:05:28 -0800

     [ 
https://issues.apache.org/jira/browse/HBASE-19634?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Duo Zhang updated HBASE-19634:
------------------------------
    Summary: Add permission check for executeProcedures in AccessController  
(was: Confirm that we do not leak the privilege for modifying replication peer 
to unauthorized user)

> Add permission check for executeProcedures in AccessController
> --------------------------------------------------------------
>
>                 Key: HBASE-19634
>                 URL: https://issues.apache.org/jira/browse/HBASE-19634
>             Project: HBase
>          Issue Type: Sub-task
>          Components: proc-v2, Replication
>            Reporter: Duo Zhang
>         Attachments: HBASE-19634-HBASE-19397.patch
>
>
> This is important, the actual refresh on RS is trigger by the 
> executeProcedure call and it will pass some information. These information 
> should not be fully trusted since anyone can all this method. We need to make 
> sure that the actual data/state for a replication peer is always loaded from 
> the replication storage, not from the parameter of the executeProcedure call.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (HBASE-19634) Add permission check for executeProcedures in AccessController

Reply via email to