Prathyusha created HBASE-29435:
----------------------------------
Summary: Limit HFile actions in hbase-mapreduce to Prevent Accidental Data Loss like: HBASE-29346
Key: HBASE-29435
URL: https://issues.apache.org/jira/browse/HBASE-29435
Project: HBase
Issue Type: Improvement
Reporter: Prathyusha

Currently, {{hbase-mapreduce}} jobs may have access to helper classes that
allow for dangerous operations, such as deleting files from the {{/hbase/data}}
directory. While HDFS-level permissions and dedicated user principals for HBase
services are the primary defense, implementing code-level separation provides
an additional layer of "defense in depth" to prevent accidental data loss,
particularly from misconfigured or erroneous MapReduce jobs.

This Jira proposes a solution to restrict {{hbase-mapreduce}} clients from
performing such dangerous operations by introducing a clear separation of
helper classes.

* *{{hbase-server}} Helper Classes:* These classes will reside within the
{{hbase-server}} module and will continue to have the necessary
functionalities, including those that perform "dangerous" operations (e.g.,
deleting HFiles from the data directory). These are intended for use
exclusively by HBase daemons.
* *{{hbase-mapreduce}} Helper Classes:* A new set of helper classes will be
developed specifically for the {{hbase-mapreduce}} module. These classes will
be designed to be minimal, purpose-built, and _will not implement any dangerous
operations_ that could lead to data loss in the {{/hbase/data}} directory.
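
A sketch of the proposed separation, added here as an illustration and not taken from the HBase code base: the job-side helper has no destructive method at all, and a reflection check of the kind a unit test could run flags any mutating method that later appears on it. All class and method names and the verb list are assumptions, and local {{java.nio}} paths stand in for HDFS.

```java
import java.io.IOException;
import java.lang.reflect.Method;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;

// All class and method names are hypothetical; java.nio paths stand in for HDFS.
public class HelperSeparationDemo {

  // Stand-in for the hbase-mapreduce helper: read-only by construction.
  static final class MapReduceHFileHelper {
    private final Path dataDir;
    MapReduceHFileHelper(Path dataDir) { this.dataDir = dataDir; }

    List<Path> listHFiles() throws IOException {
      try (Stream<Path> files = Files.walk(dataDir)) {
        return files.filter(Files::isRegularFile).collect(Collectors.toList());
      }
    }
  }

  // Stand-in for the hbase-server helper: the only type that can delete.
  static final class ServerHFileHelper {
    boolean deleteHFile(Path hfile) throws IOException {
      return Files.deleteIfExists(hfile);
    }
  }

  // Assumed verb list; a unit test would fail the build if this is non-empty.
  static List<String> mutatingMethods(Class<?> helper) {
    return Stream.of(helper.getDeclaredMethods()).map(Method::getName)
        .filter(n -> n.matches("(delete|remove|rename|truncate).*"))
        .sorted().collect(Collectors.toList());
  }

  public static void main(String[] args) throws IOException {
    Path dataDir = Files.createTempDirectory("hbase-data-demo"); // constructed sample
    Path hfile = Files.createFile(dataDir.resolve("hfile-0001"));
    System.out.println("job sees: " + new MapReduceHFileHelper(dataDir).listHFiles());
    System.out.println("mapreduce helper: " + mutatingMethods(MapReduceHFileHelper.class));
    System.out.println("server helper:    " + mutatingMethods(ServerHFileHelper.class));
    new ServerHFileHelper().deleteHFile(hfile); // daemon-side cleanup
    Files.delete(dataDir);
  }
}
```

Because the job-side type exposes no delete call, a MapReduce job that tries to remove a file through it fails at compile time instead of at runtime against {{/hbase/data}}.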