Gary Helmling created HBASE-6104:
------------------------------------
Summary: Require EXEC permission to call coprocessor endpoints
Key: HBASE-6104
URL: https://issues.apache.org/jira/browse/HBASE-6104
Project: HBase
Issue Type: Sub-task
Components: coprocessors, security
Reporter: Gary Helmling
The EXEC action currently exists as only a placeholder in access control. It
should really be used to enforce access to coprocessor endpoint RPC calls,
which are currently unrestricted.
How the ACLs to support this would be modeled deserves some discussion:
* Should access be scoped to a specific table and CoprocessorProtocol extension?
* Should it be possible to grant access to a CoprocessorProtocol implementation
globally (regardless of table)?
* Are per-method restrictions necessary?
* Should we expose hooks available to endpoint implementors so that they could
additionally apply their own permission checks? Some CP endpoints may want to
require READ permissions, others may want to enforce WRITE, or READ + WRITE.
To apply these kinds of checks we would also have to extend the RegionObserver
interface to provide hooks wrapping HRegion.exec().
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
