Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.2.0, 1.1.2, 0.98.15, 1.0.3, 2.0.0
-
None
Description
Since HBASE-1936 we have the option to load jars dynamically by default from HDFS or the local filesystem, however hbase.dynamic.jars.dir points to a directory that could be world writable it potentially opens a security problem in both the client side and the RS. We should consider to have a switch to enable or disable this option and it should be off by default.
Attachments
Attachments
Issue Links
- is related to
-
HBASE-14554 Investigate the server side alternative to enable dynamic jar for security purpose
- Closed