hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thejas M Nair (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (HIVE-7872) StorageBasedAuthorizationProvider should check access perms of parent directory for DROP actions
Date Wed, 27 Aug 2014 18:05:58 GMT

     [ https://issues.apache.org/jira/browse/HIVE-7872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Thejas M Nair reassigned HIVE-7872:
-----------------------------------

    Assignee: Thejas M Nair

> StorageBasedAuthorizationProvider should check access perms of parent directory for DROP
actions
> ------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-7872
>                 URL: https://issues.apache.org/jira/browse/HIVE-7872
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>            Reporter: Jason Dere
>            Assignee: Thejas M Nair
>
> When dropping a table partition, StorageBasedAuthorizationProvider is checking for write
permission on the partition directory itself to check if the user is allowed to drop the partition.
However to delete the partition directory, you really need write perms on the parent directory
of the file you are going to delete. So SBA will authorize the user to drop the partition
but actually deleting the partition directory will fail if the user does not have the correct
access on the table (parent) directory.
> SBA should also check the parent directory for DROP actions during its auth check.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message