[
https://issues.apache.org/jira/browse/HBASE-6253?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13398658#comment-13398658
]
Andrew Purtell edited comment on HBASE-6253 at 6/21/12 6:03 PM:
----------------------------------------------------------------
How can a user drop the ACL table if they are not authorized to do it?
The string {{_ acl _}} as table name has no special meaning unless the
AccessController is installed. So -1 a core change that encodes it.
Edit: Fix formatting (kind of)
was (Author: apurtell):
How can a user drop the ACL table if they are not authorized to do it?
The string "_acl_" as table name has no meaning unless the AccessController is
installed. So -1 a core change that encodes it.
> isLegalTableName API should check for the _acl_ table name
> ----------------------------------------------------------
>
> Key: HBASE-6253
> URL: https://issues.apache.org/jira/browse/HBASE-6253
> Project: HBase
> Issue Type: Bug
> Affects Versions: 0.94.0
> Reporter: Gopinathan A
> Fix For: 0.94.1
>
> Attachments: HBASE-6253.patch
>
>
> Currently HTableDescriptor.isLegalTableName API doesn't check for the _acl_
> table name, due to this user can able to disable/enable/drop/create the acl
> table.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
