[
https://issues.apache.org/jira/browse/HBASE-7367?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13534128#comment-13534128
]
Andrew Purtell commented on HBASE-7367:
---------------------------------------
-1
Throwing our hands up upon snapshot if security is enabled is not good enough.
In CP API design, we start by adding hooks into the server side RPC handlers
for various actions; then if that coverage isn't sufficient we hook deeper.
(For example, for the master we hook the admin ops, and also the async handlers
for table operations.)
Why not hook where the user requests the snapshot and restore function, and
only allow it if they have GLOBAL ADMIN privilege, or CREATE privilege on the
specific table? I think that is what will be minimally viable here.
> Snapshot coprocessor and ACL security
> -------------------------------------
>
> Key: HBASE-7367
> URL: https://issues.apache.org/jira/browse/HBASE-7367
> Project: HBase
> Issue Type: Sub-task
> Components: Client, master, regionserver, snapshots, Zookeeper
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Priority: Minor
> Fix For: hbase-6055, 0.96.0
>
> Attachments: HBASE-7367-v0.patch
>
>
> Currently snapshot don't care about ACL...
> and in the first draft snapshots should be disabled if the ACL coprocessor is
> enabled.
> After the first step, we can discuss how to handle the snapshot/restore/clone.
> Is saving and restoring the _acl_ related rights, the right way? maybe after
> 3 months we don't want to give the access the guys listed in the old _acl_...
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
