You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by Laxman <la...@huawei.com> on 2012/06/15 06:39:48 UTC

[HBase Security] Meta table operations should be authorized

Hi Devs,

As part of access control, read/write to meta table also should be checked
for authorization.
I've seen some scripts also internally invoking flush/compact on .META.

Example: drop table from "HBase shell" invokes flush and compact on .META.

IMO, scripts needs to be corrected. And I don't see need for calling
flush/compact on .META.

Any different opinion?

--
Regards,
Laxman

RE: [HBase Security] Meta table operations should be authorized

Posted by "Ramkrishna.S.Vasudevan" <ra...@huawei.com>.

+1 on changing the scripts.

Regards
Ram

> -----Original Message-----
> From: Laxman [mailto:lakshman.ch@huawei.com]
> Sent: Friday, June 15, 2012 10:10 AM
> To: dev@hbase.apache.org; apurtell@apache.org
> Subject: [HBase Security] Meta table operations should be authorized
> 
> Hi Devs,
> 
> As part of access control, read/write to meta table also should be
> checked
> for authorization.
> I've seen some scripts also internally invoking flush/compact on .META.
> 
> Example: drop table from "HBase shell" invokes flush and compact on
> .META.
> 
> IMO, scripts needs to be corrected. And I don't see need for calling
> flush/compact on .META.
> 
> Any different opinion?
> 
> --
> Regards,
> Laxman