hive-dev mailing list archives

From "Szehon Ho (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HIVE-6892) Permission inheritance issues
Date Fri, 23 May 2014 22:42:03 GMT

     [ https://issues.apache.org/jira/browse/HIVE-6892?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Szehon Ho updated HIVE-6892:
----------------------------

    Description: 
*HDFS Background*
* When a file or directory is created, its owner is the user identity of the client process, and its group is inherited from the parent (the BSD rule). Permissions are taken from the default umask. Extended ACLs are inherited from the parent (? TBD)

*Goals*
Following are the files/dirs of Hive that a user might want to inherit security properties from the parent:
* Directories created by a new table/partition/bucket should inherit from the parent (groups already inherited by HDFS, extended ACLs TBD)
* Files added to tables via load/insert should inherit from the parent
* Tables both exported/imported should inherit from the parent (open question of whether an exported table inheriting perms needs another flag)

Following are the security properties that a user might want to inherit for the above cases:
* Basic permission
* Groups (already done in some cases by HDFS for new table/partition/bucket directories)
* Extended ACLs (TBD)

*Behavior*
* When the "hive.warehouse.subdir.inherit.perms" flag is enabled in Hive, Hive will try to do all of the above inheritances. In the future, we can add more flags for finer-grained control.
* Failure by Hive to inherit will not cause the operation to fail. The rule of thumb for when it will fail is the following:
** To run chmod, a user must be the owner of the file, or else a super-user.
** To run chgrp, a user must be the owner of the file, or else a super-user.
** Hence, the user that Hive runs as (either 'hive' or the logged-in user in the case of impersonation) must be the super-user or the owner of the file whose security properties are going to be changed.


  was: Making an umbrella JIRA to track the smaller sub-issues.


Adding some specs here.

> Permission inheritance issues
> -----------------------------
>
>                 Key: HIVE-6892
>                 URL: https://issues.apache.org/jira/browse/HIVE-6892
>             Project: Hive
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 0.13.0
>            Reporter: Szehon Ho
>            Assignee: Szehon Ho
>



--
This message was sent by Atlassian JIRA
(v6.2#6252)
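As an added illustration that is not Hive's code, the following Python model plays out the two rules in the description above: the HDFS creation rule (owner = client identity, group from the parent, mode = default minus umask) and Hive's best-effort inheritance, which only succeeds when the acting user owns the path or is the super-user and otherwise reports a failure without failing the operation. The super-user name, default mode, umask, user names and paths are constructed for the example.

```python
"""In-memory model of the HIVE-6892 permission-inheritance rule (added example)."""
from dataclasses import dataclass, field

SUPERUSER = "hdfs"      # assumed name of the HDFS super-user in this model
DEFAULT_MODE = 0o777    # assumed base mode before the client umask is applied


@dataclass
class Node:
    """A file or directory: owner, group and POSIX permission bits."""
    owner: str
    group: str
    mode: int
    children: dict = field(default_factory=dict)


def create(parent: Node, name: str, client_user: str, umask: int) -> Node:
    """HDFS creation rule from the issue: owner is the client identity, the
    group is inherited from the parent (BSD rule), mode is default & ~umask."""
    child = Node(owner=client_user, group=parent.group, mode=DEFAULT_MODE & ~umask)
    parent.children[name] = child
    return child


def may_change(node: Node, actor: str) -> bool:
    """chmod and chgrp both require the actor to be the owner or the super-user."""
    return actor == SUPERUSER or actor == node.owner


def inherit_perms(parent: Node, child: Node, actor: str) -> tuple[bool, str]:
    """Best-effort inheritance: copy the parent's mode and group onto the child.
    A refusal is returned, never raised, so the surrounding operation still succeeds."""
    if not may_change(child, actor):
        return False, f"{actor} is neither owner ({child.owner}) nor super-user; left as created"
    child.mode = parent.mode
    child.group = parent.group
    return True, "inherited mode and group from parent"


def demo() -> dict:
    """Scenario A: Hive (running as 'hive') creates a partition dir it owns, so the
    fix-up works. Scenario B: a file loaded into the table was created by 'alice';
    'hive' is not its owner, so only the HDFS-level group inheritance is in effect."""
    table = Node(owner="hive", group="analysts", mode=0o770)          # constructed table dir
    part = create(table, "ds=2014-05-23", client_user="hive", umask=0o022)
    ok_a, _ = inherit_perms(table, part, actor="hive")
    loaded = create(table, "data_0001", client_user="alice", umask=0o022)
    ok_b, _ = inherit_perms(table, loaded, actor="hive")
    return {"a_ok": ok_a, "a_mode": part.mode,
            "b_ok": ok_b, "b_mode": loaded.mode, "b_group": loaded.group}
```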
