Posted to issues@hbase.apache.org by "Hadoop QA (JIRA)" <ji...@apache.org> on 2013/06/15 07:08:23 UTC

[jira] [Commented] (HBASE-8692) [AccessController] Restrict HTableDescriptor enumeration

    [ https://issues.apache.org/jira/browse/HBASE-8692?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13684079#comment-13684079 ] 

Hadoop QA commented on HBASE-8692:
----------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12587955/8692-0.94.patch
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author tags.

    {color:green}+1 tests included{color}.  The patch appears to include 8 new or modified tests.

    {color:red}-1 patch{color}.  The patch command could not apply the patch.

Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/6039//console

This message is automatically generated.
                
> [AccessController] Restrict HTableDescriptor enumeration
> --------------------------------------------------------
>
>                 Key: HBASE-8692
>                 URL: https://issues.apache.org/jira/browse/HBASE-8692
>             Project: HBase
>          Issue Type: Improvement
>          Components: Coprocessors, security
>    Affects Versions: 0.98.0, 0.95.1, 0.94.9
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>         Attachments: 8692-0.94.patch, 8692.patch
>
>
> Some users are concerned about having table schema exposed to every user and would like it protected, similar to the rest of the admin operations for schema. 
> This used to be hopeless because META would leak HTableDescriptors in HRegionInfo, but that is no longer the case in 0.94+.
> Consider adding CP hooks in the master for intercepting HMasterInterface#getHTableDescriptors and HMasterInterface#getHTableDescriptors(List<String>).  Add support in the AccessController for only allowing GLOBAL ADMIN to the first method. Add support in the AccessController for allowing access to the descriptors for the table names in the list of the second method only if the user has TABLE ADMIN privilege for all of the listed table names.
> Then, fix the code in HBaseAdmin (and elsewhere) that expects to be able to enumerate all table descriptors e.g. in deleteTable. A TABLE ADMIN can delete a table but won’t have GLOBAL ADMIN privilege to enumerate the total list. So a minor fixup is needed here, and in other places like this which make the same assumption.
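
A minimal model of the checks the issue description above proposes, added here as an illustration; it is not code from the attached patches or from HBase, and every name in it (DescriptorAccessModel, the users, the tables) is hypothetical. It assumes a GLOBAL ADMIN also counts as admin of every table.

```java
import java.util.*;

// Added illustration: a self-contained model, not HBase or AccessController code.
// All class, method, user and table names here are hypothetical.
public class DescriptorAccessModel {
    private final Set<String> globalAdmins = new HashSet<>();
    private final Map<String, Set<String>> tableAdmins = new HashMap<>();
    private final Map<String, String> descriptors = new TreeMap<>(); // table -> schema
    // Assumption: a GLOBAL ADMIN is treated as admin of every table.
    private boolean isTableAdmin(String user, String table) {
        return globalAdmins.contains(user)
            || tableAdmins.getOrDefault(table, Collections.<String>emptySet()).contains(user);
    }
    // Enumerating every descriptor is allowed for GLOBAL ADMIN only.
    List<String> getDescriptors(String user) {
        if (!globalAdmins.contains(user))
            throw new SecurityException(user + " lacks GLOBAL ADMIN");
        return new ArrayList<>(descriptors.values());
    }
    // By name: all or nothing, and the check runs before any lookup, so a
    // denied caller learns nothing about which listed tables exist.
    List<String> getDescriptors(String user, List<String> names) {
        for (String t : names)
            if (!isTableAdmin(user, t))
                throw new SecurityException(user + " lacks TABLE ADMIN on " + t);
        List<String> out = new ArrayList<>();
        for (String t : names)
            if (descriptors.containsKey(t)) out.add(descriptors.get(t));
        return out;
    }
    // deleteTable fixup: fetch the one descriptor by name, never enumerate.
    void deleteTable(String user, String table) {
        if (getDescriptors(user, Collections.singletonList(table)).isEmpty())
            throw new IllegalArgumentException("no such table: " + table);
        descriptors.remove(table);
    }

    public static void main(String[] args) {
        DescriptorAccessModel m = new DescriptorAccessModel();
        m.globalAdmins.add("root");
        m.tableAdmins.put("orders", new HashSet<String>(Arrays.asList("alice")));
        m.descriptors.put("orders", "{cf1}");
        m.descriptors.put("payroll", "{cf1,cf2}");
        System.out.println(m.getDescriptors("alice", Arrays.asList("orders")));
        try { m.getDescriptors("alice", Arrays.asList("orders", "payroll")); }
        catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
        try { m.getDescriptors("alice"); }
        catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
        m.deleteTable("alice", "orders"); // a TABLE ADMIN can delete without GLOBAL ADMIN
        System.out.println(m.getDescriptors("root"));
    }
}
```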
