[ 
https://issues.apache.org/jira/browse/HBASE-21995?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16791271#comment-16791271
 ] 

Duo Zhang commented on HBASE-21995:
-----------------------------------

{quote}
This is secure hbase default behavior, that's why I said 'This feature means to 
break many default behaviors in hbase cluster.' (plus cell ACLs, visibility 
labels).
{quote}

I do not get your point, what do you mean by breaking default behavior? If you 
change the load balancer, it will break the default behavior, and if you enable 
stripe compaction, it will break the default behavior. If you think we should 
not break the default behavior, I believe we could remove at least half of the 
code in HBase.
And what I mean is the secure HDFS cluster, not secure HBase cluster. I just 
want to know why you think 700 is the only solution...

{quote}
To improve performance by loosening access constraints, it is especially not a 
practical move to those clients who deploy their hbase on cloud. 
{quote}

You just said that 'Human mistakes or carelessness should not be taken into 
account to judge a system is secure or not', then here, why do you think it will 
be less secure if a user deploys HBase on cloud?


FWIW, humans are the last defense of everything. You can say that an HBase 
cluster should have 700 permission, but you cannot stop users from just running 
a chmod command on the HDFS cluster directly, right? And this is a feature; it 
will not be enabled by default. I still do not get your point about why this 
will break you. If you do not like it, just do not enable this feature...

> Add a coprocessor to set HDFS ACL for hbase granted user
> --------------------------------------------------------
>
>                 Key: HBASE-21995
>                 URL: https://issues.apache.org/jira/browse/HBASE-21995
>             Project: HBase
>          Issue Type: Sub-task
>            Reporter: Yi Mei
>            Priority: Major
>
> To make hbase granted user have the access to scan table snapshots, use HDFS 
> ACLs to set user read permission over hfiles.
> The basic implementation is:
> 1. For public directories such as 'data' and 'archive', set other users' 
> permission to '--x' to make everyone have the permission to access the 
> directory.
> 2. For namespace or table directories such as 'data/ns/table', 
> 'archive/ns/table' and '.hbase-snapshot/snapshotName', set user 'r-x' acl and 
> default 'r-x' acl when following operations happen:
> grant to namespace or table / revoke from namespace or table / snapshot table
>  
> For more details, please reference the design doc: 
> https://docs.google.com/document/d/1D2iAdbrW5CcKc2SthJBXA1n2tTMTftuVaFtxbOWFuqM/edit#heading=h.uwo33s7kz427



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
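
The directory permissions in the issue description above, as an added example that is not part of the original message or of HBase: a simplified model of POSIX-style ACL checks (owner, named user, other; groups and default-ACL inheritance are omitted). The users `alice` and `bob`, the directory modes, and the assumption that a namespace grant covers both `data/ns` and `data/ns/table` are constructed for illustration.

```python
# Added example: simplified POSIX-style ACL evaluation as used by HDFS.
# Groups and default-ACL inheritance are not modelled; all names are constructed.
R, X = 4, 1

class Dir:
    def __init__(self, owner, mode):
        self.owner = owner
        self.owner_bits = (mode >> 6) & 7
        self.group_bits = (mode >> 3) & 7
        self.other_bits = mode & 7
        self.named = {}    # access ACL: named user -> permission bits
        self.mask = None   # defined once a named entry exists

    def setfacl_user(self, user, bits):
        """Like `setfacl -m user:<user>:<bits>`: add the entry, recompute the mask."""
        self.named[user] = bits
        self.mask = self.group_bits
        for b in self.named.values():
            self.mask |= b

    def allows(self, user, want):
        if user == self.owner:
            bits = self.owner_bits
        elif user in self.named:
            bits = self.named[user] & self.mask   # named entries are capped by the mask
        else:
            bits = self.other_bits
        return bits & want == want

def build_tree(data_mode):
    """Constructed layout relative to the HBase root directory."""
    return {
        "data": Dir("hbase", data_mode),          # public directory
        "data/ns": Dir("hbase", 0o700),
        "data/ns/table": Dir("hbase", 0o700),
    }

def grant(tree, user, paths):
    """Assumed effect of a grant: user gets an 'r-x' access ACL entry on each path."""
    for p in paths:
        tree[p].setfacl_user(user, R | X)

def can_list(tree, user, path):
    """Listing needs 'x' on every ancestor and 'r-x' on the target directory."""
    parts = path.split("/")
    ancestors = ["/".join(parts[:i]) for i in range(1, len(parts))]
    return (all(tree[a].allows(user, X) for a in ancestors)
            and tree[path].allows(user, R | X))
```

With `data` at mode 711 the granted user can list the table directory but not `data` itself, and an ungranted user is stopped at `data/ns`; with `data` at 700 the same ACL entries are unreachable.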
