hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Dere (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HIVE-7872) StorageBasedAuthorizationProvider should check access perms of parent directory for DROP actions
Date Mon, 25 Aug 2014 19:22:59 GMT
Jason Dere created HIVE-7872:
--------------------------------

             Summary: StorageBasedAuthorizationProvider should check access perms of parent
directory for DROP actions
                 Key: HIVE-7872
                 URL: https://issues.apache.org/jira/browse/HIVE-7872
             Project: Hive
          Issue Type: Bug
          Components: Authorization
            Reporter: Jason Dere


When dropping a table partition, StorageBasedAuthorizationProvider is checking for write permission
on the partition directory itself to check if the user is allowed to drop the partition. However
to delete the partition directory, you really need write perms on the parent directory of
the file you are going to delete. So SBA will authorize the user to drop the partition but
actually deleting the partition directory will fail if the user does not have the correct
access on the table (parent) directory.

SBA should also check the parent directory for DROP actions during its auth check.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message