[
https://issues.apache.org/jira/browse/HBASE-24018?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17062186#comment-17062186
]
Andrew Kyle Purtell commented on HBASE-24018:
---------------------------------------------
"Access check for getTableDescriptors is too restrictive" was the ask. Just to
be clear this could very well cause a leak of sensitive schema information at
random user sides so I'm definitely -1 on the general case.
If looking for only specific information please change the description to be
scoped for the actual ask.
> Access check for getTableDescriptors is too restrictive
> -------------------------------------------------------
>
> Key: HBASE-24018
> URL: https://issues.apache.org/jira/browse/HBASE-24018
> Project: HBase
> Issue Type: Improvement
> Reporter: Abhishek Singh Chouhan
> Priority: Major
>
> Currently getTableDescriptor requires a user to have Admin or Create
> permissions. A client might need to get table descriptors to act accordingly
> eg. based on an attribute set or a CP loaded. It should not be necessary for
> the client to have create or admin privileges just to read the descriptor,
> execute and/or read permission should be sufficient?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
