[ https://issues.apache.org/jira/browse/HBASE-8692?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13691016#comment-13691016 ]
Hadoop QA commented on HBASE-8692:
----------------------------------

-1 overall. Here are the results of testing the latest attachment
  http://issues.apache.org/jira/secure/attachment/12589223/8692-0.94.patch
  against trunk revision .

+1 @author. The patch does not contain any @author tags.

+1 tests included. The patch appears to include 6 new or modified tests.

-1 patch. The patch command could not apply the patch.

Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/6099//console

This message is automatically generated.

> [AccessController] Restrict HTableDescriptor enumeration
> --------------------------------------------------------
>
>                 Key: HBASE-8692
>                 URL: https://issues.apache.org/jira/browse/HBASE-8692
>             Project: HBase
>          Issue Type: Improvement
>          Components: Coprocessors, security
>   Affects Versions: 0.98.0, 0.95.1, 0.94.9
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>         Attachments: 8692-0.94.patch, 8692-0.94.patch, 8692-0.94.patch,
> 8692.patch, 8692.patch, 8692.patch
>
>
> Some users are concerned about having table schema exposed to every user and
> would like it protected, similar to the rest of the admin operations for
> schema.
> This used to be hopeless because META would leak HTableDescriptors in
> HRegionInfo, but that is no longer the case in 0.94+.
> Consider adding CP hooks in the master for intercepting
> HMasterInterface#getHTableDescriptors and
> HMasterInterface#getHTableDescriptors(List<String>). Add support in the
> AccessController for only allowing GLOBAL ADMIN to the first method. Add
> support in the AccessController for allowing access to the descriptors for
> the table names in the list of the second method only if the user has TABLE
> ADMIN privilege for all of the listed table names.
> Then, fix the code in HBaseAdmin (and elsewhere) that expects to be able to
> enumerate all table descriptors e.g. in deleteTable. A TABLE ADMIN can delete
> a table but won’t have GLOBAL ADMIN privilege to enumerate the total list. So
> a minor fixup is needed here, and in other places like this which make the
> same assumption.
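
The authorization rule proposed in the issue description, modelled in self-contained Java. This is an added example, not code from the attached patches or from HBase: the class, method, user and table names are hypothetical, and it assumes a GLOBAL ADMIN also passes the per-table check.

```java
import java.util.*;
// Added illustration: hypothetical names, not HBase APIs; sample data is constructed.
public class DescriptorAccessModel {
    final Set<String> globalAdmins = new HashSet<>();
    final Map<String, Set<String>> tableAdmins = new HashMap<>(); // user -> tables
    final Map<String, String> descriptors = new TreeMap<>();      // table -> schema

    // Enumerate every descriptor: GLOBAL ADMIN only.
    List<String> getDescriptors(String user) {
        if (!globalAdmins.contains(user))
            throw new SecurityException(user + " lacks GLOBAL ADMIN");
        return new ArrayList<>(descriptors.values());
    }

    // Lookup by name is all-or-nothing: every listed table must pass before any
    // descriptor is returned. Assumption: GLOBAL ADMIN also passes this check.
    List<String> getDescriptors(String user, List<String> names) {
        Set<String> owned = tableAdmins.getOrDefault(user, Collections.emptySet());
        for (String n : names)
            if (!globalAdmins.contains(user) && !owned.contains(n))
                throw new SecurityException(user + " lacks TABLE ADMIN on a listed table");
        List<String> out = new ArrayList<>();
        for (String n : names)
            if (descriptors.containsKey(n)) out.add(descriptors.get(n));
        return out;
    }

    // The client-side fixup: resolve the one table by name, never enumerate.
    boolean deleteTable(String user, String name) {
        if (getDescriptors(user, Collections.singletonList(name)).isEmpty()) return false;
        descriptors.remove(name);
        return true;
    }

    static String attempt(Runnable r) {
        try { r.run(); return "allowed"; } catch (SecurityException e) { return "denied"; }
    }

    public static void main(String[] args) {
        DescriptorAccessModel m = new DescriptorAccessModel();
        m.globalAdmins.add("alice");
        m.tableAdmins.put("bob", new HashSet<>(Arrays.asList("t1")));
        m.descriptors.put("t1", "schema-of-t1");
        m.descriptors.put("t2", "schema-of-t2");
        System.out.println("bob, enumerate all: " + attempt(() -> m.getDescriptors("bob")));
        System.out.println("bob, [t1, t2]: " + attempt(() -> m.getDescriptors("bob", Arrays.asList("t1", "t2"))));
        System.out.println("bob, deleteTable(t1): " + attempt(() -> m.deleteTable("bob", "t1")));
    }
}
```

The denial message does not name the failing table, and a listed name that does not exist is refused the same way as one the caller lacks rights on, so the by-name call cannot be used to probe which tables exist.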