You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hive.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2020/06/16 16:57:02 UTC

[jira] [Updated] (HIVE-16497) FileUtils. isActionPermittedForFileHierarchy, isOwnerOfFileHierarchy file system operations should be impersonated

     [ https://issues.apache.org/jira/browse/HIVE-16497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ASF GitHub Bot updated HIVE-16497:
----------------------------------
    Labels: pull-request-available  (was: )

> FileUtils. isActionPermittedForFileHierarchy, isOwnerOfFileHierarchy file system operations should be impersonated
> ------------------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-16497
>                 URL: https://issues.apache.org/jira/browse/HIVE-16497
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>            Reporter: Thejas Nair
>            Assignee: Thejas Nair
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 3.0.0
>
>         Attachments: HIVE-16497.1.patch, HIVE-16497.2.patch
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> FileUtils.isActionPermittedForFileHierarchy checks if user has permissions for given action. The checks are made by impersonating the user.
> However, the listing of child dirs are done as the hiveserver2 user. If the hive user doesn't have permissions on the filesystem, it gives incorrect error that the user doesn't have permissions to perform the action.
> Impersonating the end user for all file operations in that function is also logically correct thing to do.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)