[ https://issues.apache.org/jira/browse/HBASE-8692?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13692584#comment-13692584 ]
Hudson commented on HBASE-8692:
-------------------------------

Integrated in HBase-0.94-security #180 (See [https://builds.apache.org/job/HBase-0.94-security/180/])
HBASE-8692. [AccessController] Restrict HTableDescriptor enumeration (Revision 1496240)

Result = FAILURE
apurtell :
Files :
* /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* /hbase/branches/0.94/security/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/client/HBaseAdmin.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/client/HConnectionManager.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/coprocessor/BaseMasterObserver.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/coprocessor/MasterObserver.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/ipc/HMasterInterface.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/master/HMaster.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/master/MasterCoprocessorHost.java
* /hbase/branches/0.94/src/main/ruby/hbase/admin.rb
* /hbase/branches/0.94/src/test/java/org/apache/hadoop/hbase/coprocessor/TestMasterObserver.java
* /hbase/branches/0.94/src/test/ruby/hbase/admin_test.rb

> [AccessController] Restrict HTableDescriptor enumeration
> --------------------------------------------------------
>
>                 Key: HBASE-8692
>                 URL: https://issues.apache.org/jira/browse/HBASE-8692
>             Project: HBase
>          Issue Type: Improvement
>          Components: Coprocessors, security
>   Affects Versions: 0.98.0, 0.95.1, 0.94.9
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>             Fix For: 0.98.0, 0.95.2, 0.94.9
>
>         Attachments: 8692-0.94.patch, 8692-0.94.patch, 8692-0.94.patch,
> 8692-0.94.patch, 8692.patch, 8692.patch, 8692.patch, 8692.patch
>
>
> Some users are concerned about having table schema exposed to every user and
> would like it protected, similar to the rest of the admin operations for
> schema.
> This used to be hopeless because META would leak HTableDescriptors in
> HRegionInfo, but that is no longer the case in 0.94+.
> Consider adding CP hooks in the master for intercepting
> HMasterInterface#getHTableDescriptors and
> HMasterInterface#getHTableDescriptors(List<String>). Add support in the
> AccessController for only allowing GLOBAL ADMIN to the first method. Add
> support in the AccessController for allowing access to the descriptors for
> the table names in the list of the second method only if the user has TABLE
> ADMIN privilege for all of the listed table names.
> Then, fix the code in HBaseAdmin (and elsewhere) that expects to be able to
> enumerate all table descriptors e.g. in deleteTable. A TABLE ADMIN can delete
> a table but won’t have GLOBAL ADMIN privilege to enumerate the total list. So
> a minor fixup is needed here, and in other places like this which make the
> same assumption.
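
The access rule proposed in the quoted issue description, modelled as an added, self-contained Java example. It is not the HBASE-8692 patch or HBase's AccessController code; the class `DescriptorAccessModel`, its methods, and the sample users, tables and schemas are hypothetical, and treating GLOBAL ADMIN as implying TABLE ADMIN is an assumption of this model.

```java
import java.util.*;

// Hypothetical model of the rule in the issue description; not HBase code.
public class DescriptorAccessModel {
    private final Set<String> globalAdmins = new HashSet<>();
    private final Map<String, Set<String>> tableAdmins = new HashMap<>(); // table -> users
    private final Map<String, String> descriptors = new TreeMap<>();      // table -> schema

    void addGlobalAdmin(String user) { globalAdmins.add(user); }
    void addTable(String table, String schema, String... admins) {
        descriptors.put(table, schema);
        tableAdmins.put(table, new HashSet<>(Arrays.asList(admins)));
    }

    // Assumption of this model: GLOBAL ADMIN implies TABLE ADMIN on every table.
    // An unknown table name is denied like an unauthorized one.
    private boolean isTableAdmin(String user, String table) {
        return globalAdmins.contains(user)
            || tableAdmins.getOrDefault(table, Collections.emptySet()).contains(user);
    }

    // Models getHTableDescriptors(): full enumeration needs GLOBAL ADMIN.
    Map<String, String> getAll(String user) {
        if (!globalAdmins.contains(user))
            throw new SecurityException(user + " lacks GLOBAL ADMIN");
        return new TreeMap<>(descriptors);
    }

    // Models getHTableDescriptors(List<String>): all-or-nothing. The caller needs
    // TABLE ADMIN on every listed name, otherwise no descriptor is returned.
    Map<String, String> getByName(String user, List<String> tables) {
        for (String t : tables)
            if (!isTableAdmin(user, t))
                throw new SecurityException(user + " lacks TABLE ADMIN on " + t);
        Map<String, String> out = new TreeMap<>();
        for (String t : tables)
            if (descriptors.containsKey(t)) out.put(t, descriptors.get(t));
        return out;
    }

    public static void main(String[] args) {
        DescriptorAccessModel m = new DescriptorAccessModel(); // constructed sample data
        m.addGlobalAdmin("root");
        m.addTable("orders", "{cf:o}", "alice");
        m.addTable("payroll", "{cf:p}", "bob");
        // The deleteTable-style fixup: a TABLE ADMIN asks by name, never enumerates.
        System.out.println(m.getByName("alice", Arrays.asList("orders")));
        try { m.getByName("alice", Arrays.asList("orders", "payroll")); }
        catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
        try { m.getAll("alice"); }
        catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
    }
}
```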