To build an HBase that supports ACLs, kerberos auth, and other security features you have to build it with the 'security' profile.
There is no major downside to doing this (running HBase w/o security is still the default and works out of the box - you just have the option of enabling security in configs). However, note that for security to work HBase must be built against a version of Hadoop that supports security (e.g., 0.23+).
Due to an HBase release bug in 0.92 (
HBASE-5288), the sources for security were omitted from the release. This is already fixed on the 0.92.1 branch - so, as soon as that release takes place, Bigtop can start building.
This patch is a little pre-emptive (it can't be applied till HBase 0.92.1 is released) - but the issue will need to be tackled eventually no matter what.