lujiefsi edited a comment on pull request #2810: URL: https://github.com/apache/hbase/pull/2810#issuecomment-751358242
I have checked the APIs below that need a security check added; these APIs will change the RS's state without authorization. Please check.

| API | Severity | Symptom |
| :-----: | :----: | :---- |
| clearRegionBlockCache | Severe | The API will call LruBlockCache.evictBlocksByHfileName, which is declared as an expensive operation (see its comments), thus a non-admin may cause a DoS |
| clearSlowLogsResponses | Normal | Clears queue records from the ring buffer |
| updateConfiguration | Normal | A non-admin user can make the RS reload its configuration from disk via this API |
| updateRegionFavoredNodesMapping | Normal | A non-admin user can change the region's best storage location via this API |
| stopServer | Low | stopServer on the RS is silent, which makes the client think he/she successfully shut down the RS. Adding preRpcCheck not only makes the client receive the failure message, but also prevents the non-admin user from stopping the RS, even when hbase.coprocessor.regionserver.classes is not configured |

----------------------------------------------------------------
This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org