You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@accumulo.apache.org by "Christopher Tubbs (JIRA)" <ji...@apache.org> on 2013/04/18 17:43:17 UTC

[jira] [Created] (ACCUMULO-1318) Allow granting System.GRANT permission

Christopher Tubbs created ACCUMULO-1318:
-------------------------------------------

             Summary: Allow granting System.GRANT permission
                 Key: ACCUMULO-1318
                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1318
             Project: Accumulo
          Issue Type: Sub-task
            Reporter: Christopher Tubbs
            Assignee: Christopher Tubbs
             Fix For: 1.6.0


With the addition of pluggable authentication/authorizor/permissions handler modules (ACCUMULO-259), it seems we should rely more on these modules to set their policy for who has which permissions.

As such, I don't believe we should continue to constrain the System.GRANT permission, so that it is held only by the root user. This is an especially important consideration for ACCUMULO-1300, because in that ticket, there will always be a "local" root user, but there's no reason that should be the de-facto account that manages other users' permissions from.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira