[
https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16786440#comment-16786440
]
Duo Zhang commented on HBASE-6188:
----------------------------------
OK, the owner related code is still in our TableDescriptor related code and
also lots of tests for AccessController.
What's the final plan here? Completely remove the owner and just give the user
who creates the table all the permissions?
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.94.1, 0.95.2
> Reporter: Andrew Purtell
> Assignee: Laxman
> Priority: Major
> Labels: security
> Fix For: 0.94.1, 0.95.0
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch,
> HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch,
> org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE
> permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds
> unnecessary conditionals to our code. So instead the administrator with
> GLOBAL CREATE permission should make the appropriate grants at table create
> time.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
