[jira] [Commented] (HBASE-5498) Secure Bulk Load

Mon, 13 Aug 2012 04:09:46 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-5498?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13433064#comment-13433064
 ] 

ramkrishna.s.vasudevan commented on HBASE-5498:
-----------------------------------------------

@Francis
Thanks for the latest patch.  With the latest patch bulk load seems to work 
fine. Thanks..
But one problem we are facing here is when we have permissions given on a 
specific qualifier.  As far i see in the code, in HRS.bulkLoadHFiles() we call 
the preBulkLoadHFile().
But the familyPaths that is created here is from the HFilePaths.  So we don't 
have any info on the qualifiers.  So inside the AccessController we are able to 
validate only the permission available on the Col families and not on 
qualifiers.  Pls do correct me if am missing something here.



                
> Secure Bulk Load
> ----------------
>
>                 Key: HBASE-5498
>                 URL: https://issues.apache.org/jira/browse/HBASE-5498
>             Project: HBase
>          Issue Type: Improvement
>          Components: mapred, security
>            Reporter: Francis Liu
>            Assignee: Francis Liu
>             Fix For: 0.96.0
>
>         Attachments: HBASE-5498_draft_94.patch, HBASE-5498_draft.patch
>
>
> Design doc: 
> https://cwiki.apache.org/confluence/display/HCATALOG/HBase+Secure+Bulk+Load
> Short summary:
> Security as it stands does not cover the bulkLoadHFiles() feature. Users 
> calling this method will bypass ACLs. Also loading is made more cumbersome in 
> a secure setting because of hdfs privileges. bulkLoadHFiles() moves the data 
> from user's directory to the hbase directory, which would require certain 
> write access privileges set.
> Our solution is to create a coprocessor which makes use of AuthManager to 
> verify if a user has write access to the table. If so, launches a MR job as 
> the hbase user to do the importing (ie rewrite from text to hfiles). One 
> tricky part this job will have to do is impersonate the calling user when 
> reading the input files. We can do this by expecting the user to pass an hdfs 
> delegation token as part of the secureBulkLoad() coprocessor call and extend 
> an inputformat to make use of that token. The output is written to a 
> temporary directory accessible only by hbase and then bulkloadHFiles() is 
> called.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to