[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15112814#comment-15112814
]
Andrew Purtell commented on HBASE-15147:
bq. However, if there are use cases where Table descriptor might contain
sensitive info,
This answer is yes, because HBase encryption can put key material in CF
descriptors, and there can be arbitrary user supplied attributes on CF and
table descriptors. The table and CF names, however, are not expected to be
sensitive, since it's not possible to hide them for a number of reasons.
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15112853#comment-15112853
]
Enis Soztutar commented on HBASE-15147:
---
bq. HBase encryption can put key material in CF descriptors, and there can be
arbitrary user supplied attributes on CF and table descriptors.
I see. Then we can do the stripping of information in HTD/HCD depending on
perms in a follow up jira if needed.
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15113243#comment-15113243
]
Andrew Purtell commented on HBASE-15147:
bq. Then we can do the stripping of information in HTD/HCD depending on perms
in a follow up jira if needed.
Earlier thinking was whitelisting of information in descriptors would be a
burden to maintain so only principals with C or A perms should be allowed to
see descriptors. Seeing table names is fine for any perms (as well as region
names, etc., since anyone must be able to read META to accomplish anything).
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15112697#comment-15112697
]
Hudson commented on HBASE-15147:
SUCCESS: Integrated in HBase-1.0 #1137 (See
[https://builds.apache.org/job/HBase-1.0/1137/])
HBASE-15147 Shell should use Admin.listTableNames() instead of (enis: rev
886c70d0d95b95ddd928cd5bc1e1fc83b1de2f42)
* hbase-shell/src/main/ruby/hbase/admin.rb
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15110690#comment-15110690
]
Sean Busbey commented on HBASE-15147:
-
+1 no need for a new test while changing implementation of extant functionality.
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15111601#comment-15111601
]
Hudson commented on HBASE-15147:
SUCCESS: Integrated in HBase-1.3-IT #451 (See
[https://builds.apache.org/job/HBase-1.3-IT/451/])
HBASE-15147 Shell should use Admin.listTableNames() instead of (enis: rev
27dd1156fb86d5b5a54b4aacd2c6a4abf58def65)
* hbase-shell/src/main/ruby/hbase/admin.rb
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15111622#comment-15111622
]
Hudson commented on HBASE-15147:
FAILURE: Integrated in HBase-1.3 #506 (See
[https://builds.apache.org/job/HBase-1.3/506/])
HBASE-15147 Shell should use Admin.listTableNames() instead of (enis: rev
27dd1156fb86d5b5a54b4aacd2c6a4abf58def65)
* hbase-shell/src/main/ruby/hbase/admin.rb
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15111634#comment-15111634
]
Hudson commented on HBASE-15147:
SUCCESS: Integrated in HBase-1.2-IT #406 (See
[https://builds.apache.org/job/HBase-1.2-IT/406/])
HBASE-15147 Shell should use Admin.listTableNames() instead of (enis: rev
bcc575c3506fbe28204b76d5e41fae31d6cb078c)
* hbase-shell/src/main/ruby/hbase/admin.rb
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15111629#comment-15111629
]
Hudson commented on HBASE-15147:
FAILURE: Integrated in HBase-1.1-JDK8 #1729 (See
[https://builds.apache.org/job/HBase-1.1-JDK8/1729/])
HBASE-15147 Shell should use Admin.listTableNames() instead of (enis: rev
5a3e2abc048a4d9bc60566f9f12f31fdda22702c)
* hbase-shell/src/main/ruby/hbase/admin.rb
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15111501#comment-15111501
]
Hudson commented on HBASE-15147:
SUCCESS: Integrated in HBase-1.2 #516 (See
[https://builds.apache.org/job/HBase-1.2/516/])
HBASE-15147 Shell should use Admin.listTableNames() instead of (enis: rev
bcc575c3506fbe28204b76d5e41fae31d6cb078c)
* hbase-shell/src/main/ruby/hbase/admin.rb
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15111676#comment-15111676
]
Hudson commented on HBASE-15147:
FAILURE: Integrated in HBase-1.1-JDK7 #1642 (See
[https://builds.apache.org/job/HBase-1.1-JDK7/1642/])
HBASE-15147 Shell should use Admin.listTableNames() instead of (enis: rev
5a3e2abc048a4d9bc60566f9f12f31fdda22702c)
* hbase-shell/src/main/ruby/hbase/admin.rb
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15111704#comment-15111704
]
Hudson commented on HBASE-15147:
FAILURE: Integrated in HBase-Trunk_matrix #650 (See
[https://builds.apache.org/job/HBase-Trunk_matrix/650/])
HBASE-15147 Shell should use Admin.listTableNames() instead of (enis: rev
110274b33535db8f8dc1ecd4406c3c09b162a4a8)
* hbase-shell/src/main/ruby/hbase/admin.rb
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15109983#comment-15109983
]
Matteo Bertozzi commented on HBASE-15147:
-
R can be on a single family, so we can't allow everyone to get the full HTD.
maybe we can remove some info from the returned HTD if the user does not have A
or C.
for the list command, I think using getTableNames() is good even without the
ACL problem, since we just throw away the HTDs and use only the name.
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15110001#comment-15110001
]
Matteo Bertozzi commented on HBASE-15147:
-
+1 on the list patch
{quote}We check for Table R or W, not CF I think{quote}
yeah, I was saying to change the check to for each HTD filter the information
based on the user. If the user has not A or C, We can lookup from the acl cache
which cfs the user can see and strip the HTD of all the information that the
user is not supposed to see
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15110104#comment-15110104
]
Hadoop QA commented on HBASE-15147:
---
| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s
{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:red}-1{color} | {color:red} test4tests {color} | {color:red} 0m 0s
{color} | {color:red} The patch doesn't appear to include any new or modified
tests. Please justify why no new tests are needed for this patch. Also please
list what manual steps were performed to verify this patch. {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 2m
56s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m
15s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 18s
{color} | {color:green} master passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 10s
{color} | {color:green} master passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m
16s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m
15s {color} | {color:green} the patch passed {color} |
| {color:blue}0{color} | {color:blue} rubocop {color} | {color:blue} 4m 12s
{color} | {color:blue} Rubocop was not available. {color} |
| {color:blue}0{color} | {color:blue} ruby-lint {color} | {color:blue} 4m 12s
{color} | {color:blue} Ruby-lint was not available. {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s {color} | {color:green} Patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} hadoopcheck {color} | {color:green}
22m 38s {color} | {color:green} Patch does not cause any errors with Hadoop
2.4.0 2.4.1 2.5.0 2.5.1 2.5.2 2.6.1 2.6.2 2.6.3 2.7.1. {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 18s
{color} | {color:green} the patch passed with JDK v1.8.0 {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 9s
{color} | {color:green} the patch passed with JDK v1.7.0_79 {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 7m 24s
{color} | {color:green} hbase-shell in the patch passed with JDK v1.8.0.
{color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 6m 38s
{color} | {color:green} hbase-shell in the patch passed with JDK v1.7.0_79.
{color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m
9s {color} | {color:green} Patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 41m 32s {color}
| {color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| JIRA Patch URL |
https://issues.apache.org/jira/secure/attachment/12783506/hbase-15147_v1.patch |
| JIRA Issue | HBASE-15147 |
| Optional Tests | asflicense javac javadoc unit rubocop ruby_lint |
| uname | Linux asf906.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP
PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality |
/home/jenkins/jenkins-slave/workspace/PreCommit-HBASE-Build/component/dev-support/hbase-personality.sh
|
| git revision | master / 4bf6f83 |
| JDK v1.7.0_79 Test Results |
https://builds.apache.org/job/PreCommit-HBASE-Build/221/testReport/ |
| modules | C: hbase-shell U: hbase-shell |
| Max memory used | 191MB |
| Powered by | Apache Yetus 0.1.0 http://yetus.apache.org |
| Console output |
https://builds.apache.org/job/PreCommit-HBASE-Build/221/console |
This message was automatically generated.
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the
[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()
[
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15109990#comment-15109990
]
Enis Soztutar commented on HBASE-15147:
---
bq. R can be on a single family, so we can't allow everyone to get the full
HTD. maybe we can remove some info from the returned HTD if the user does not
have A or C.
We check for Table R or W, not CF I think.
> Shell should use Admin.listTableNames() instead of Admin.listTables()
> --
>
> Key: HBASE-15147
> URL: https://issues.apache.org/jira/browse/HBASE-15147
> Project: HBase
> Issue Type: Bug
>Reporter: Enis Soztutar
>Assignee: Enis Soztutar
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4
>
> Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions
> while getTableNames() checks for any privilege on the table. The reasoning is
> explained here:
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>
> We should change the shell command for {{list}} to use the getTableNames()
> version because of this. Otherwise a user having only R or W cannot list the
> table name.
> This has been reported from a user here:
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>
> While we are at it, should we revisit the fact that you cannot get a table
> descriptor if you have only R or W? It seems strange that you cannot even
> know the CF names of a table that you can read from. I could not find info
> about the "describe" privileges on SQL databases. However, if there are use
> cases where Table descriptor might contain sensitive info, the current
> semantics seems fine. cc [~apurtell] and [~mbertozzi].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
