[HBASE-6292] Compact can skip the security access control - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.94.0, 0.94.1, 0.95.2
Fix Version/s: 0.94.1, 0.95.0
Component/s: security
Labels:
- acl
- security

Hadoop Flags:

Reviewed

Description

When client sends compact command to rs, the rs just create a CompactionRequest, and then put it into the thread pool to process the CompactionRequest. And when the region do the compact, it uses the rs's ugi to process the compact, so the compact can successfully done.

Example:

user "mapred" do not have permission "Admin",

hbase(main):001:0> user_permission 'Security'
User                                Table,Family,Qualifier:Permission                                                                      
 mapred                             Security,f1,c1: [Permission: actions=READ,WRITE] 

hbase(main):004:0> put 'Security', 'r6', 'f1:c1', 'v9'
0 row(s) in 0.0590 seconds

hbase(main):005:0> put 'Security', 'r6', 'f1:c1', 'v10'
0 row(s) in 0.0040 seconds

hbase(main):006:0> compact 'Security'
0 row(s) in 0.0260 seconds

Maybe we can add permission check in the preCompactSelection() ?

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-6292-trunk-V1.patch
30/Jun/12 05:52
12 kB
ShiXing

Activity

People

Assignee:: ShiXing

Reporter:: ShiXing

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 29/Jun/12 10:08

Updated:: 26/Feb/13 08:15

Resolved:: 30/Jun/12 21:27