hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Shelukhin (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-12855) LLAP: add checks when resolving UDFs to enforce whitelist
Date Wed, 13 Jan 2016 01:48:39 GMT

    [ https://issues.apache.org/jira/browse/HIVE-12855?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15095446#comment-15095446
] 

Sergey Shelukhin commented on HIVE-12855:
-----------------------------------------

[~hagleitn] this is potentially a security concern (unreleased version, so I created the JIRA).
Only the code on classpath can be executed, and you have to be authenticated to connect to
LLAP in the first place, but after that any UDF that LLAP can load from somewhere can be executed
by commenting out one line in the decider (or by making a request manually).

> LLAP: add checks when resolving UDFs to enforce whitelist
> ---------------------------------------------------------
>
>                 Key: HIVE-12855
>                 URL: https://issues.apache.org/jira/browse/HIVE-12855
>             Project: Hive
>          Issue Type: Sub-task
>            Reporter: Sergey Shelukhin
>
> Currently, adding a temporary UDF and calling LLAP with it (bypassing the LlapDecider
check, I did it by just modifying the source) only fails because the class could not be found.
If the UDF was accessible to LLAP, it would execute.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message