[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()

Fri, 22 Jan 2016 10:18:05 -0800 

    [ 
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15112814#comment-15112814
 ] 

Andrew Purtell commented on HBASE-15147:
----------------------------------------

bq. However, if there are use cases where Table descriptor might contain 
sensitive info,

This answer is yes, because HBase encryption can put key material in CF 
descriptors, and there can be arbitrary user supplied attributes on CF and 
table descriptors. The table and CF names, however, are not expected to be 
sensitive, since it's not possible to hide them for a number of reasons.

> Shell should use Admin.listTableNames() instead of Admin.listTables() 
> ----------------------------------------------------------------------
>
>                 Key: HBASE-15147
>                 URL: https://issues.apache.org/jira/browse/HBASE-15147
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Enis Soztutar
>            Assignee: Enis Soztutar
>             Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4, 1.0.4
>
>         Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions 
> while getTableNames() checks for any privilege on the table. The reasoning is 
> explained here: 
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>  
> We should change the shell command for {{list}} to use the getTableNames() 
> version because of this. Otherwise a user having only R or W cannot list the 
> table name. 
> This has been reported from a user here: 
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>  
> While we are at it, should we revisit the fact that you cannot get a table 
> descriptor if you have only R or W? It seems strange that you cannot even 
> know the CF names of a table that you can read from. I could not find info 
> about the "describe" privileges on SQL databases. However, if there are use 
> cases where Table descriptor might contain sensitive info, the current 
> semantics seems fine. cc [~apurtell] and [~mbertozzi]. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to