-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 1.2.0, 1.1.2, 0.98.15, 1.0.3, 2.0.0
-
Component/s: Client, Operability, regionserver
-
Labels:None
Since HBASE-1936 we have the option to load jars dynamically by default from HDFS or the local filesystem, however hbase.dynamic.jars.dir points to a directory that could be world writable it potentially opens a security problem in both the client side and the RS. We should consider to have a switch to enable or disable this option and it should be off by default.
- is related to
-
HBASE-14554 Investigate the server side alternative to enable dynamic jar for security purpose
-
- Open
-