[
https://issues.apache.org/jira/browse/HBASE-21995?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16787681#comment-16787681
]
Reid Chan commented on HBASE-21995:
-----------------------------------
In secure mode, hbase root dir is 700. How can a user possibly scan snapshots
without access ability to hbase dir, not to mentioned subdirs. You may say "we
can change the default mode of root dir", then how dare you declare your hbase
cluster is in secure.
This feature is contradictory and means to break many default behaviors in
hbase cluster.
I can't see a reason to break security constrains in order to serve better
performance, besides i don't think what you mentioned is a fare trade without
statistics number. We encourage performance improvement issue, but not from
security perspective, IMO.
Last but not least, useful doesn't mean to be a must.
> Add a coprocessor to set HDFS ACL for hbase granted user
> --------------------------------------------------------
>
> Key: HBASE-21995
> URL: https://issues.apache.org/jira/browse/HBASE-21995
> Project: HBase
> Issue Type: Sub-task
> Reporter: Yi Mei
> Priority: Major
>
> To make hbase granted user have the access to scan table snapshots, use HDFS
> ACLs to set user read permission over hfiles.
> The basic implementation is:
> 1. For public directories such as 'data' and 'archive', set other users'
> permission to '--x' to make everyone have the permission to access the
> directory.
> 2. For namespace or table directories such as 'data/ns/table',
> 'archive/ns/table' and '.hbase-snapshot/snapshotName', set user 'r-x' acl and
> default 'r-x' acl when following operations happen:
> grant to namespace or table / revoke from namespace or table / snapshot table
>
> For more details, please reference the design doc:
> https://docs.google.com/document/d/1D2iAdbrW5CcKc2SthJBXA1n2tTMTftuVaFtxbOWFuqM/edit#heading=h.uwo33s7kz427
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)