You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Duo Zhang (JIRA)" <ji...@apache.org> on 2017/12/27 01:02:37 UTC
[jira] [Created] (HBASE-19634) Confirm that we do not leak the
privilege for modifying replication peer to unauthorized user
Duo Zhang created HBASE-19634:
---------------------------------
Summary: Confirm that we do not leak the privilege for modifying replication peer to unauthorized user
Key: HBASE-19634
URL: https://issues.apache.org/jira/browse/HBASE-19634
Project: HBase
Issue Type: Sub-task
Reporter: Duo Zhang
This is important, the actual refresh on RS is trigger by the executeProcedure call and it will pass some information. These information should not be fully trusted since anyone can all this method. We need to make sure that the actual data/state for a replication peer is always loaded from the replication storage, not from the parameter of the executeProcedure call.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)