You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2018/01/11 00:47:00 UTC

[jira] [Reopened] (HBASE-19483) Add proper privilege check for rsgroup commands

     [ https://issues.apache.org/jira/browse/HBASE-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrew Purtell reopened HBASE-19483:
------------------------------------

Removal of methods from a LimitedPrivate interface is not allowed in a patch release. Please provide an addendum for branch-1.4 which restores these methods:

Removed Methods  4 
hbase-server-1.4.0.jar, AccessController.class
package org.apache.hadoop.hbase.security.access
AccessController.isAuthorizationSupported ( Configuration conf ) [static]  :  boolean 
AccessController.requireNamespacePermission ( String request, String namespace, Permission.Action... permissions )  :  void 
AccessController.requireNamespacePermission ( String request, String namespace, TableName tableName, Map<byte[ ],? extends java.util.Collection<byte[ ]>> familyMap, Permission.Action... permissions )  :  void 

hbase-server-1.4.0.jar, VisibilityController.class
package org.apache.hadoop.hbase.security.visibility
VisibilityController.isAuthorizationSupported ( Configuration conf ) [static]  :  boolean 


> Add proper privilege check for rsgroup commands
> -----------------------------------------------
>
>                 Key: HBASE-19483
>                 URL: https://issues.apache.org/jira/browse/HBASE-19483
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Guangxu Cheng
>             Fix For: 1.4.1, 1.5.0, 2.0.0-beta-1
>
>         Attachments: 19483.master.011.patch, 19483.v11.patch, 19483.v11.patch, HBASE-19483.addendum-1.patch, HBASE-19483.addendum.patch, HBASE-19483.branch-1.001.patch, HBASE-19483.branch-2.001.patch, HBASE-19483.branch-2.002.patch, HBASE-19483.branch-2.003.patch, HBASE-19483.master.001.patch, HBASE-19483.master.002.patch, HBASE-19483.master.003.patch, HBASE-19483.master.004.patch, HBASE-19483.master.005.patch, HBASE-19483.master.006.patch, HBASE-19483.master.007.patch, HBASE-19483.master.008.patch, HBASE-19483.master.009.patch, HBASE-19483.master.010.patch, HBASE-19483.master.011.patch, HBASE-19483.master.011.patch, HBASE-19483.master.012.patch, HBASE-19483.master.013.patch, HBASE-19483.master.014.patch
>
>
> Currently list_rsgroups command can be executed by any user.
> This is inconsistent with other list commands such as list_peers and list_peer_configs.
> We should add proper privilege check for list_rsgroups command.
> privilege check should be added for get_table_rsgroup / get_server_rsgroup / get_rsgroup commands.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)