[
https://issues.apache.org/jira/browse/HBASE-19634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16309056#comment-16309056
]
Duo Zhang commented on HBASE-19634:
-----------------------------------
[~stack] Our current permission check on open/close region is dummy...
We require superuser(for system table) or global Admin permission(for other
table), but the preOpen/preClose is called in
OpenRegionHandler/CloseRegionHandler, which is executed in a thread pool at RS
side, so it will always be the system user...
Maybe we should pass the rpc user to the OpenRegionHandler/CloseRegionHandler,
and use doAs when doing the actual processing?
Thanks.
> Add permission check for executeProcedures in AccessController
> --------------------------------------------------------------
>
> Key: HBASE-19634
> URL: https://issues.apache.org/jira/browse/HBASE-19634
> Project: HBase
> Issue Type: Sub-task
> Components: proc-v2, Replication
> Reporter: Duo Zhang
> Assignee: Duo Zhang
> Attachments: HBASE-19634-HBASE-19397-v1.patch,
> HBASE-19634-HBASE-19397.patch
>
>
> This is important, the actual refresh on RS is trigger by the
> executeProcedure call and it will pass some information. These information
> should not be fully trusted since anyone can all this method. We need to make
> sure that the actual data/state for a replication peer is always loaded from
> the replication storage, not from the parameter of the executeProcedure call.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
