[jira] [Commented] (HBASE-19400) Add missing security checks in MasterRpcServices

Tue, 20 Feb 2018 19:06:56 -0800 

    [ 
https://issues.apache.org/jira/browse/HBASE-19400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16370892#comment-16370892
 ] 

Hudson commented on HBASE-19400:
--------------------------------

SUCCESS: Integrated in Jenkins build HBase-Trunk_matrix #4620 (See 
[https://builds.apache.org/job/HBase-Trunk_matrix/4620/])
HBASE-19400 Add missing security checks in MasterRpcServices (appy: rev 
6b8439366134b6749895b6019bc068d169865b48)
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/HRegionServer.java
* (edit) 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
* (add) 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAdminOnlyOperations.java
* (edit) 
hbase-rsgroup/src/main/java/org/apache/hadoop/hbase/rsgroup/RSGroupAdminEndpoint.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSRpcServices.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterRpcServices.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessChecker.java


> Add missing security checks in MasterRpcServices
> ------------------------------------------------
>
>                 Key: HBASE-19400
>                 URL: https://issues.apache.org/jira/browse/HBASE-19400
>             Project: HBase
>          Issue Type: Sub-task
>    Affects Versions: 2.0.0-beta-1
>            Reporter: Balazs Meszaros
>            Assignee: Appy
>            Priority: Major
>             Fix For: 2.0.0-beta-2
>
>         Attachments: HBASE-19400.master.001.patch, 
> HBASE-19400.master.002.patch, HBASE-19400.master.003.patch, 
> HBASE-19400.master.004.patch, HBASE-19400.master.004.patch, 
> HBASE-19400.master.005.patch, HBASE-19400.master.006.patch, 
> HBASE-19400.master.007.patch, HBASE-19400.master.007.patch
>
>
> The following RPC methods in MasterRpcServices do not have ACL check for 
> ADMIN rights.
> - normalize
> - setNormalizerRunning
> - runCatalogScan
> - enableCatalogJanitor
> - runCleanerChore
> - setCleanerChoreRunning
> - execMasterService
> - execProcedure
> - execProcedureWithRet



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to