@Enis Thank you for your reply and detail.
I underrstood that the list command requires ADMIN or CREATE and it is need to fix this in HBase if I get the list or description of the tables by READ permission.
How do you think that there are many accounts who can excecute hbase shell commands on HBase?
I think users would like to know the table name and get the list of tables by the list command. I also think that the administrator does not want to give a lot of users ADMIN or CREATE permissions.
For this reason, I thought READ permisson was better for the list command.
It seems we have made an explicit decision that getting the table descriptor should only be allowed for A or C permission, while getting the name of the table is allowed for all RWACE privileges. The discussion happened here: https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504&page=com.atlassian.jira....
However, in shell, the "list" command still uses the version that requires A or C. I've opened up a jira to fix this: https://issues.apache.org/jira/browse/HBASE-15147. Feel free to comment there if you want.
Thank you so much for your kindness.
I'll read jira pages and comment if there is something I want to say.