Details
Description
Secure mode deployments should protect the files under HDFS root dir. We should check and set the root dirs permissions on a kerberos setup so that users does not have to.
We have hbase.data.umask.enable and hbase.data.umask for data files, but those are not that useful since we should protect dir listing, and access to WAL files, snapshot files, etc.
See HBASE-13768 which has an integration test for this.