[jira] [Commented] (HBASE-24345) [ACL] renameRSGroup should require Admin level permission

Pankaj Kumar (Jira) Sat, 09 May 2020 01:26:08 -0700


    [ 
https://issues.apache.org/jira/browse/HBASE-24345?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17103197#comment-17103197
 ]


Pankaj Kumar commented on HBASE-24345:
--------------------------------------

Yeah, ACL check is happening through the AccessController CP hooks in master 
branch. But branch-2 still have the same problem, custom authorization plugins 
(like Ranger) will not check ACL as AccessChecker is directly used in RSGroup 
admin APIs.

> [ACL] renameRSGroup should require Admin level permission
> ---------------------------------------------------------
>
>                 Key: HBASE-24345
>                 URL: https://issues.apache.org/jira/browse/HBASE-24345
>             Project: HBase
>          Issue Type: Improvement
>          Components: acl, rsgroup
>            Reporter: Reid Chan
>            Assignee: Reid Chan
>            Priority: Major
>
> Currently renameRSgroup can be called by anyone without permission



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (HBASE-24345) [ACL] renameRSGroup should require Admin level permission

Reply via email to