hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lefty Leverenz (JIRA)" <>
Subject [jira] [Commented] (HIVE-7583) Use FileSystem.access() if available to check file access for user
Date Wed, 13 Aug 2014 18:20:13 GMT


Lefty Leverenz commented on HIVE-7583:

When 0.14.0 is released, update this note in HCatalog Authorization:

Note: Support for HDFS ACL (introduced in Apache Hadoop 2.4) is not available in the released
versions of Hive.  Which means, that it checks only the traditional rwx style permissions
to determine if a user can write to the file system. The support for ACL is available in Hive
trunk HIVE-7583, which will be available in Hive 0.14.

* [HCatalog Authorization |]

> Use FileSystem.access() if available to check file access for user
> ------------------------------------------------------------------
>                 Key: HIVE-7583
>                 URL:
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Jason Dere
>            Assignee: Jason Dere
>              Labels: TODOC14
>             Fix For: 0.14.0
>         Attachments: HIVE-7583.1.patch, HIVE-7583.2.patch, HIVE-7583.3.patch
> Hive currently implements its own file access checks to determine if a user is allowed
to perform an specified action on a file path (in StorageBasedAuthorizationProvider, also
FileUtils). This can be prone to errors or inconsistencies with how file access is actually
checked in Hadoop.
> HDFS-6570 adds a new FileSystem.access() API, so that we can perform the check using
the actual HDFS logic rather than having to imitate that behavior in Hive. For versions of
Hadoop that have this API available, we should use this API.

This message was sent by Atlassian JIRA

View raw message