[
https://issues.apache.org/jira/browse/HBASE-7331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13529579#comment-13529579
]
Andrew Purtell commented on HBASE-7331:
---------------------------------------
Introduction of RegionServerObserver seems ok. The idea has been discussed also
in HBASE-4047, see comment of 17/Nov/12 17:28.
The small refactor of how we do TableAuthManager.get looks ok.
Since you mention this is the first cut of a patch only, the formatting of the
changes do not conform to our coding conventions. See
http://hbase.apache.org/book/submitting.patches.html and
http://www.oracle.com/technetwork/java/codeconv-138413.html . Especially, each
indent level should be +2 spaces. Maybe some tabs got mixed in? Lines can be up
to 100 chars long, no need to wrap before that. In this case I would have fixed
up where it looks wrong on commit, but FYI more involved patches might not be
accepted.
Trying out the patch.
> Fix missing coprocessor hooks for openRegion, closeRegion, lockRow, unlockRow
> and stop region server.
> ------------------------------------------------------------------------------------------------------
>
> Key: HBASE-7331
> URL: https://issues.apache.org/jira/browse/HBASE-7331
> Project: HBase
> Issue Type: Sub-task
> Components: regionserver, security
> Affects Versions: 0.94.3, 0.96.0
> Reporter: Vandana Ayyalasomayajula
> Assignee: Vandana Ayyalasomayajula
> Fix For: 0.94.3, 0.96.0
>
> Attachments: HBASE-7331_94.patch, HBASE-7331_trunk.patch
>
>
> The following APIs in HRegionServer are either missing hooks to coprocessor
> or the hooks are not implemented in the AccessController class for security.
> As a result any unauthorized user can:
> 1.Open a region
> 2. Close a region
> 3. Stop region server
> 4. Lock a row
> 5. Unlock a row.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
