[jira] [Reopened] (HBASE-19483) Add proper privilege check for rsgroup commands

Wed, 10 Jan 2018 16:47:44 -0800 

     [ 
https://issues.apache.org/jira/browse/HBASE-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrew Purtell reopened HBASE-19483:
------------------------------------

Removal of methods from a LimitedPrivate interface is not allowed in a patch 
release. Please provide an addendum for branch-1.4 which restores these methods:

Removed Methods  4 
hbase-server-1.4.0.jar, AccessController.class
package org.apache.hadoop.hbase.security.access
AccessController.isAuthorizationSupported ( Configuration conf ) [static]  :  
boolean 
AccessController.requireNamespacePermission ( String request, String namespace, 
Permission.Action... permissions )  :  void 
AccessController.requireNamespacePermission ( String request, String namespace, 
TableName tableName, Map<byte[ ],? extends java.util.Collection<byte[ ]>> 
familyMap, Permission.Action... permissions )  :  void 

hbase-server-1.4.0.jar, VisibilityController.class
package org.apache.hadoop.hbase.security.visibility
VisibilityController.isAuthorizationSupported ( Configuration conf ) [static]  
:  boolean 


> Add proper privilege check for rsgroup commands
> -----------------------------------------------
>
>                 Key: HBASE-19483
>                 URL: https://issues.apache.org/jira/browse/HBASE-19483
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Guangxu Cheng
>             Fix For: 1.4.1, 1.5.0, 2.0.0-beta-1
>
>         Attachments: 19483.master.011.patch, 19483.v11.patch, 
> 19483.v11.patch, HBASE-19483.addendum-1.patch, HBASE-19483.addendum.patch, 
> HBASE-19483.branch-1.001.patch, HBASE-19483.branch-2.001.patch, 
> HBASE-19483.branch-2.002.patch, HBASE-19483.branch-2.003.patch, 
> HBASE-19483.master.001.patch, HBASE-19483.master.002.patch, 
> HBASE-19483.master.003.patch, HBASE-19483.master.004.patch, 
> HBASE-19483.master.005.patch, HBASE-19483.master.006.patch, 
> HBASE-19483.master.007.patch, HBASE-19483.master.008.patch, 
> HBASE-19483.master.009.patch, HBASE-19483.master.010.patch, 
> HBASE-19483.master.011.patch, HBASE-19483.master.011.patch, 
> HBASE-19483.master.012.patch, HBASE-19483.master.013.patch, 
> HBASE-19483.master.014.patch
>
>
> Currently list_rsgroups command can be executed by any user.
> This is inconsistent with other list commands such as list_peers and 
> list_peer_configs.
> We should add proper privilege check for list_rsgroups command.
> privilege check should be added for get_table_rsgroup / get_server_rsgroup / 
> get_rsgroup commands.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to