[HBASE-12916] No access control for replicating WAL entries - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.94.26, 0.98.12, 2.0.0
Fix Version/s: 1.0.0, 0.98.10, 1.1.0
Component/s: Replication
Labels:
None

Hadoop Flags:

Reviewed

Description

Currently, there is no access control for replicating WAL entries in secure HBase cluster. Any authenticated user can write any data they want to any table of a secure cluster by using the replication api.

Simple solution is to add permission check before replicating WAL entries. And only user with global write permission can replicate WAL entries to this cluster.

Another option is adding "Replication" action in hbase and only user with "Replication" permission can replicate WAL entries to this cluster?

apurtell

What's your suggestion? Thanks

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-12916-v3.diff
27/Jan/15 05:00
10 kB
Shaohui Liu
HBASE-12916-v2.diff
27/Jan/15 02:39
10 kB
Shaohui Liu
HBASE-12916-v1.diff
26/Jan/15 07:59
7 kB
Shaohui Liu
hbase-12916-0.98.patch
28/Jan/15 02:27
10 kB
Enis Soztutar

Activity

People

Assignee:: Shaohui Liu

Reporter:: Shaohui Liu

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 26/Jan/15 06:39

Updated:: 06/Apr/18 17:54

Resolved:: 28/Jan/15 02:26