Description
Describe the bug
The new fate table can be scanned by any Accumulo user. Not sure there is any legitimate need for this and the table could contain sensitive information (has serialized fate operations). Suspect the following code grants this.
accumulo/server/base/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
Line 387 in db1e652
if (namespace.equals(Namespace.ACCUMULO.id()) && permission.equals(NamespacePermission.READ)) {
Versions (OS, Maven, Java, and others, as appropriate):
- Affected version(s) of this project: 4.0.0-SNAPSHOT
To Reproduce
Was experimenting w/ the following test to explore this behavior. The test shows the user does not have read permission but can still read.
diff --git a/test/src/main/java/org/apache/accumulo/test/functional/PermissionsIT.java b/test/src/main/java/org/apache/accumulo/test/functional/PermissionsIT.java
index 1009f874ca..01629a1b33 100644
--- a/test/src/main/java/org/apache/accumulo/test/functional/PermissionsIT.java
+++ b/test/src/main/java/org/apache/accumulo/test/functional/PermissionsIT.java
@@ -694,6 +694,7 @@ public class PermissionsIT extends AccumuloClusterHarness {
}
loginAs(rootUser);
try (AccumuloClient c = Accumulo.newClient().from(getClientProps()).build()) {
+
c.securityOperations().createLocalUser(principal, passwordToken);
loginAs(testUser);
try (AccumuloClient test_user_client =
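Review bot: The only added line in this hunk is an empty line directly after the `try (AccumuloClient c = ...` opener, so the hunk is a whitespace-only change. Drop it so the patch carries just the new permission checks.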
@@ -703,6 +704,12 @@ public class PermissionsIT extends AccumuloClusterHarness {
loginAs(rootUser);
verifyHasOnlyTheseTablePermissions(c, c.whoami(), SystemTables.METADATA.tableName(),
TablePermission.READ, TablePermission.ALTER_TABLE);
+ verifyHasOnlyTheseTablePermissions(c, test_user_client.whoami(), SystemTables.FATE.tableName());
+ verifyHasOnlyTheseTablePermissions(c, test_user_client.whoami(), SystemTables.SCAN_REF.tableName());
+ try(var scanner = test_user_client.createScanner(SystemTables.FATE.tableName())){
+ scanner.iterator().hasNext();
+ }
+
String tableName = getUniqueNames(1)[0] + "__TABLE_PERMISSION_TEST__";
// test each permission
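Review bot: The added `try(var scanner = ...)` block calls `scanner.iterator().hasNext()` and discards the result, so the test asserts nothing about the scan: it records neither that the read currently succeeds nor that it should be refused. Wrap the scan in an explicit assertion of the expected outcome, which is a refusal for a user who holds no permissions on the table according to the two `verifyHasOnlyTheseTablePermissions` calls just above it. `SystemTables.SCAN_REF` is checked for permissions but never scanned, so add the same scan attempt for it. Style: `try(var scanner` and `)){` need spaces to match the `try (AccumuloClient ...` lines around them.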
Expected behavior
By default users can not read or write to the fate and scanref tables.
From a testing perspective may be good to also verify by default users can not write to the metadata and root table if that test does not exist.