Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/6348 )
Change subject: KUDU-1918 Prevent hijacking of scanner IDs ...................................................................... Patch Set 7: (7 comments) http://gerrit.cloudera.org:8080/#/c/6348/6//COMMIT_MSG Commit Message: http://gerrit.cloudera.org:8080/#/c/6348/6//COMMIT_MSG@15 PS6, Line 15: scans > Including fault tolerant ones, right? Right. I'm not going to call that out specifically since fault-tolerant scans and non-fault-tolerant scans will be caught by the same endpoint. http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/client/client-test.cc File src/kudu/client/client-test.cc: http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/client/client-test.cc@5753 PS6, Line 5753: the > Can you test with a fault tolerant scan as well? Done http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/scanners-test.cc File src/kudu/tserver/scanners-test.cc: http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/scanners-test.cc@45 PS6, Line 45: > nit: move it to L44. Done http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/scanners.h File src/kudu/tserver/scanners.h: http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/scanners.h@69 PS6, Line 69: The client > nit: mention it has to be the same client. It doesn't have to be the same client ID. It just has to be the same user. http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/scanners.h@82 PS6, Line 82: // Create a new scanner with a unique ID, inserting it into the map. > nit: update it to reflect how 'remote_user' is used. Done http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/tablet_server-test.cc File src/kudu/tserver/tablet_server-test.cc: http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/tablet_server-test.cc@3406 PS6, Line 3406: // Test that scanners can only be accessed by the user who created it. > nit: add a doc for this? Done http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/tablet_service.cc File src/kudu/tserver/tablet_service.cc: http://gerrit.cloudera.org:8080/#/c/6348/6/src/kudu/tserver/tablet_service.cc@1302 PS6, Line 1302: !s.ok()) { > I think it is probably rare to get an NOT_AUTHORIZED error, but do you thin Yeah good point. Done -- To view, visit http://gerrit.cloudera.org:8080/6348 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ic91fa0ca471bd674e35aa2f8de3806b88ad4b3b4 Gerrit-Change-Number: 6348 Gerrit-PatchSet: 7 Gerrit-Owner: Todd Lipcon <[email protected]> Gerrit-Reviewer: Adar Dembo <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: David Ribeiro Alves <[email protected]> Gerrit-Reviewer: Hao Hao <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241) Gerrit-Comment-Date: Sat, 03 Nov 2018 00:38:31 +0000 Gerrit-HasComments: Yes
