Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Threaded View
HBase >> mail # dev >> No security sources in 0.92.0 release tarballs.


Copy link to this message
-
Re: No security sources in 0.92.0 release tarballs.
Jon,

Thanks for spotting it.  I'll pick it up.  Assuming this means changes
to src/assembly/all.xml...  I'll read up on the assembly plugin in.

--gh
On Thu, Jan 26, 2012 at 12:15 PM, Jonathan Hsieh <[EMAIL PROTECTED]> wrote:
> Andrew, Gary,
>
> Sorry, I should have written the initial message a little more clearly, but
> Gary's clarification is spot on.
>
> I've filed it as a 0.94 and 0.92.1 blocker.
> https://issues.apache.org/jira/browse/HBASE-5288
>
> Can one of you guys pick it up the fix for this?
>
> Jon.
>
> On Thu, Jan 26, 2012 at 11:50 AM, Andrew Purtell <[EMAIL PROTECTED]>wrote:
>
>> So I reread this and I probably misunderstood for a moment what Jon was
>> saying.
>>
>> I mentioned this in another email last week, regardless it is important to
>> tag security as alpha and anyone who wants to seriously use it for more
>> than just secure RPC is going to need to patch with HBASE-5195.
>>
>> So I presume 5195 and the sources will appear in 0.92.1.
>>
>>
>> Best regards,
>>
>>     - Andy
>>
>> Problems worthy of attack prove their worth by hitting back. - Piet Hein
>> (via Tom White)
>>
>>
>> ----- Original Message -----
>> > From: Andrew Purtell <[EMAIL PROTECTED]>
>> > To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
>> > Cc:
>> > Sent: Thursday, January 26, 2012 11:39 AM
>> > Subject: Re: No security sources in 0.92.0 release tarballs.
>> >
>> > Can't believe I missed that. I haven't been paying enough attention to
>> > upstream.
>> >
>> >
>> > However, this isn't the worst thing that could have happened, without
>> > HBASE-5195 in the upstream sources security isn't going to adequately
>> > protect Gets. Also there is a shell nit to fix (HBASE-5265).
>> >
>> >
>> > Put it 0.94. No problem. It wouldn't be unreasonable to consider
>> > coprocessors more baked than security in upstream.
>> >
>> >
>> > Best regards,
>> >
>> >     - Andy
>> >
>> > Problems worthy of attack prove their worth by hitting back. - Piet Hein
>> (via
>> > Tom White)
>> >
>> >
>> >
>> >> ________________________________
>> >>  From: Jonathan Hsieh <[EMAIL PROTECTED]>
>> >> To: [EMAIL PROTECTED]
>> >> Sent: Thursday, January 26, 2012 11:29 AM
>> >> Subject: No security sources in 0.92.0 release tarballs.
>> >>
>> >> Ugh, it looks like we all missed that 0.92.0 release tarballs (both
>> >> security compile and normal) do not contain any of the source of the
>> >> security work.
>> >>
>> >> Jon.
>> >>
>> >> --
>> >> // Jonathan Hsieh (shay)
>> >> // Software Engineer, Cloudera
>> >> // [EMAIL PROTECTED]
>> >>
>> >>
>> >>
>> >
>>
>
>
>
> --
> // Jonathan Hsieh (shay)
> // Software Engineer, Cloudera
> // [EMAIL PROTECTED]
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB