You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by Laxman <la...@huawei.com> on 2012/06/15 06:39:48 UTC
[HBase Security] Meta table operations should be authorized
Hi Devs,
As part of access control, read/write to meta table also should be checked
for authorization.
I've seen some scripts also internally invoking flush/compact on .META.
Example: drop table from "HBase shell" invokes flush and compact on .META.
IMO, scripts needs to be corrected. And I don't see need for calling
flush/compact on .META.
Any different opinion?
--
Regards,
Laxman
RE: [HBase Security] Meta table operations should be authorized
Posted by "Ramkrishna.S.Vasudevan" <ra...@huawei.com>.
+1 on changing the scripts.
Regards
Ram
> -----Original Message-----
> From: Laxman [mailto:lakshman.ch@huawei.com]
> Sent: Friday, June 15, 2012 10:10 AM
> To: dev@hbase.apache.org; apurtell@apache.org
> Subject: [HBase Security] Meta table operations should be authorized
>
> Hi Devs,
>
> As part of access control, read/write to meta table also should be
> checked
> for authorization.
> I've seen some scripts also internally invoking flush/compact on .META.
>
> Example: drop table from "HBase shell" invokes flush and compact on
> .META.
>
> IMO, scripts needs to be corrected. And I don't see need for calling
> flush/compact on .META.
>
> Any different opinion?
>
> --
> Regards,
> Laxman