hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chaoyu Tang (JIRA)" <>
Subject [jira] [Commented] (HIVE-3756) "LOAD DATA" does not honor permission inheritence
Date Wed, 17 Jul 2013 16:46:51 GMT


Chaoyu Tang commented on HIVE-3756:

Yes, IMO, the table should preserve its own permission/group B in the insert-overwrite case.
Here is a use case, a database is created to allow a group to access (the mode of /dbdir can
be 770) and a certain table in this db (/dbdir/tbldir) is only allowed to admin himself (say
permission mode 700). If the admin insert overwrite data to this table, it will change the
/dbdir/tbldir to 770, breaking the security unexpectedly.
I can change code to preserve this permission/group of the overwritten table. It seems a minor
> "LOAD DATA" does not honor permission inheritence
> -------------------------------------------------
>                 Key: HIVE-3756
>                 URL:
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization, Security
>    Affects Versions: 0.9.0
>            Reporter: Johndee Burks
>            Assignee: Chaoyu Tang
>         Attachments: HIVE-3756_1.patch, HIVE-3756.patch
> When a "LOAD DATA" operation is performed the resulting data in hdfs for the table does
not maintain permission inheritance. This remains true even with the "hive.warehouse.subdir.inherit.perms"
set to true.
> The issue is easily reproducible by creating a table and loading some data into it. After
the load is complete just do a "dfs -ls -R" on the warehouse directory and you will see that
the inheritance of permissions worked for the table directory but not for the data. 

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message