[jira] [Updated] (HBASE-7237) system metadata for tables/cfs needs to be validated on the master

Thu, 29 Nov 2012 11:36:59 -0800 

     [ 
https://issues.apache.org/jira/browse/HBASE-7237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sergey Shelukhin updated HBASE-7237:
------------------------------------

    Description: 
shell currently validates whatever metadata user provides as argument to alter, 
however while looking at some other issue I noticed that user and system 
metadata is stored in the same dictionary in the descriptor, so shell 
validation is easy to bypass by setting a "user" metadata parameter with the 
same name as the system parameter.
E.g. I just set MAX_FILESIZE to "moo" via CONFIG.
This can be fixed in the shell, however the general problem I think is that 
system configuration should be validated server-side (e.g. on the master), not 
just on the client.

  was:
shell currently validates what used provides with alter, however while looking 
at some other issue I noticed that user and system metadata is stored in the 
same dictionary on the server, so it is easy to bypass by setting a "user" 
metadata parameter with the same name as the system parameter.
E.g. I just set MAX_FILESIZE to "moo" via CONFIG.
This can be fixed in the shell, however the general problem I think is that 
system configuration should be validated server-side (e.g. on the master), not 
just on the client.

    
> system metadata for tables/cfs needs to be validated on the master
> ------------------------------------------------------------------
>
>                 Key: HBASE-7237
>                 URL: https://issues.apache.org/jira/browse/HBASE-7237
>             Project: HBase
>          Issue Type: Improvement
>    Affects Versions: 0.96.0
>            Reporter: Sergey Shelukhin
>            Priority: Minor
>
> shell currently validates whatever metadata user provides as argument to 
> alter, however while looking at some other issue I noticed that user and 
> system metadata is stored in the same dictionary in the descriptor, so shell 
> validation is easy to bypass by setting a "user" metadata parameter with the 
> same name as the system parameter.
> E.g. I just set MAX_FILESIZE to "moo" via CONFIG.
> This can be fixed in the shell, however the general problem I think is that 
> system configuration should be validated server-side (e.g. on the master), 
> not just on the client.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to