Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id A409C200D26 for ; Fri, 6 Oct 2017 04:11:06 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id A272E160BDA; Fri, 6 Oct 2017 02:11:06 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id E68031609E2 for ; Fri, 6 Oct 2017 04:11:05 +0200 (CEST) Received: (qmail 73305 invoked by uid 500); 6 Oct 2017 02:11:05 -0000 Mailing-List: contact issues-help@hive.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@hive.apache.org Delivered-To: mailing list issues@hive.apache.org Received: (qmail 73286 invoked by uid 99); 6 Oct 2017 02:11:05 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 06 Oct 2017 02:11:05 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 512101A03B9 for ; Fri, 6 Oct 2017 02:11:04 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -100.002 X-Spam-Level: X-Spam-Status: No, score=-100.002 tagged_above=-999 required=6.31 tests=[RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id 5pD11sfrUMfv for ; Fri, 6 Oct 2017 02:11:03 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 031E05F2AD for ; Fri, 6 Oct 2017 02:11:03 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id DA303E0D74 for ; Fri, 6 Oct 2017 02:11:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 6AACF24335 for ; Fri, 6 Oct 2017 02:11:00 +0000 (UTC) Date: Fri, 6 Oct 2017 02:11:00 +0000 (UTC) From: "Tao Li (JIRA)" To: issues@hive.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HIVE-17701) Added restriction to historic queries on web UI MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Fri, 06 Oct 2017 02:11:06 -0000 [ https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16194047#comment-16194047 ] Tao Li commented on HIVE-17701: ------------------------------- So with the patch, if the auth is enabled and user is not admin, then we return the error page. If auth is disabled, then any user can view all the queries. > Added restriction to historic queries on web UI > ----------------------------------------------- > > Key: HIVE-17701 > URL: https://issues.apache.org/jira/browse/HIVE-17701 > Project: Hive > Issue Type: Bug > Components: HiveServer2 > Reporter: Thejas M Nair > Assignee: Tao Li > Attachments: HIVE-17701.1.patch, HIVE-17701.2.patch > > > The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. > However, a user can see the queries run by other users as well, and that is a security/privacy concern. > Only admin users should be allowed to see queries from other users (similar to behavior of display for configs, stack trace etc). -- This message was sent by Atlassian JIRA (v6.4.14#64029)