Posted to issues@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2014/11/13 22:33:35 UTC

[jira] [Comment Edited] (HBASE-12470) Way to determine which labels are applied to a cell in a table

    [ https://issues.apache.org/jira/browse/HBASE-12470?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14211325#comment-14211325 ] 

Andrew Purtell edited comment on HBASE-12470 at 11/13/14 9:33 PM:
------------------------------------------------------------------

This is also an issue for cell ACLs.

As Anoop mentioned we strip security tags in the RPC layer so we don't leak sensitive information to users, untrusted or otherwise. We can vary the codec but only globally by configuration.

In the run up to 0.98.0, while we were still at 0.97-SNAPSHOT, I proposed a couple of variations on per connection codec negotiation that didn't go anywhere on account of lack of time, interest, and community will. Per-connection negotiation is probably the best answer here. Might be worth it for you to reconsider the idea. After we authenticate a user as privileged (we can start with belonging to the superuser group) we could use the RPC codec which does not strip security tags, thus giving higher level APIs / policy monitoring / policy validation tools direct access to cell tags, and therefore ACL and visibility label metadata stored with them. This requires the ability to swap RPC codecs on a per connection basis, after the authorization handshake, so some sort of negotiation...


was (Author: apurtell):
This is also an issue for cell ACLs.

As Anoop mentioned we strip security tags in the RPC layer so we don't leak sensitive information to users, untrusted or otherwise. We can vary the codec but only globally by configuration.

In the run up to 0.98.0, while we were still at 0.97-SNAPSHOT, I proposed a couple of variations on per connection codec negotiation that didn't go anywhere on account of lack of time, interest, and community will. Per-connection negotiation is probably the best answer here. Might be worth it for you to reconsider the idea. After we authenticate a user as privileged (we can start with belonging to the superuser group) we could use the RPC codec which does not strip security tags, thus giving higher level APIs / policy monitoring / policy validation tools direct access to cell tags, and therefore ACL and visibility label metadata stored with them.

> Way to determine which labels are applied to a cell in a table
> --------------------------------------------------------------
>
>                 Key: HBASE-12470
>                 URL: https://issues.apache.org/jira/browse/HBASE-12470
>             Project: HBase
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 0.98.6.1
>            Reporter: Kevin Odell
>
> There is currently no way to determine which labels are applied to a cell without using the HFile tool to dump each HFile and then translating the output back to the hbase:labels table.  This is quite tedious on larger tables.  Since this could be a security risk perhaps we make it tunable with hbase.superuser.can.veiw.cells or something along those lines?


