[HBASE-14347] Add a switch to DynamicClassLoader to disable it - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.2.0, 1.1.2, 0.98.15, 1.0.3, 2.0.0
Fix Version/s: 1.2.0, 1.0.3, 1.1.3, 0.98.16, 2.0.0
Component/s: Client, Operability, regionserver
Labels:
None

Description

Since ~~HBASE-1936~~ we have the option to load jars dynamically by default from HDFS or the local filesystem, however hbase.dynamic.jars.dir points to a directory that could be world writable it potentially opens a security problem in both the client side and the RS. We should consider to have a switch to enable or disable this option and it should be off by default.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-14347-v001.patch
01/Oct/15 23:35
4 kB
Hua Xiang

Issue Links

is related to

HBASE-14554 Investigate the server side alternative to enable dynamic jar for security purpose

Closed

Activity

People

Assignee:: Hua Xiang

Reporter:: Esteban Gutierrez

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 31/Aug/15 19:39

Updated:: 07/May/19 16:09

Resolved:: 05/Oct/15 23:26