[HBASE-14347] Add a switch to DynamicClassLoader to disable it - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.2.0, 1.1.2, 0.98.15, 1.0.3, 2.0.0
Fix Version/s: 1.2.0, 1.0.3, 1.1.3, 0.98.16, 2.0.0
Component/s: Client, Operability, regionserver
Labels:
None

Description

Since ~~HBASE-1936~~ we have the option to load jars dynamically by default from HDFS or the local filesystem, however hbase.dynamic.jars.dir points to a directory that could be world writable it potentially opens a security problem in both the client side and the RS. We should consider to have a switch to enable or disable this option and it should be off by default.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending

Attachments

HBASE-14347-v001.patch
01/Oct/15 23:35
4 kB
Hua Xiang

Issue Links

is related to

HBASE-14554 Investigate the server side alternative to enable dynamic jar for security purpose

Open

Activity

People

Assignee:

Hua Xiang

Reporter:

Esteban Gutierrez

Votes:

0 Vote for this issue

Watchers:

8 Start watching this issue

Dates

Created:

31/Aug/15 19:39

Updated:

07/May/19 16:09

Resolved:

05/Oct/15 23:26