[
https://issues.apache.org/jira/browse/HBASE-11136?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13995486#comment-13995486
]
Ted Yu commented on HBASE-11136:
--------------------------------
{code}
+ requirePermission("preRollLogWriter", Permission.Action.ADMIN);
{code}
Should we consider Permission.Action.CREATE as well ?
> Add permission check to roll WAL writer
> ----------------------------------------
>
> Key: HBASE-11136
> URL: https://issues.apache.org/jira/browse/HBASE-11136
> Project: HBase
> Issue Type: Improvement
> Components: regionserver, security
> Affects Versions: 0.96.2, 0.98.2
> Reporter: Jerry He
> Assignee: Jerry He
> Priority: Minor
> Fix For: 0.99.0
>
> Attachments: HBASE-11136-trunk-v1.patch
>
>
> Currently HBase provides HBaseAdmin.rollHLogWriter() and shell command to
> roll WAL on a region server. But no permission check is done on this
> operation in a secure cluster.
> We need to add permission check to prevent un-authorized user from running
> this operation.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
