You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Deepak Sharma (JIRA)" <ji...@apache.org> on 2015/12/08 09:17:10 UTC
[jira] [Created] (RANGER-774) security issue with ranger hive
authorization with export
Deepak Sharma created RANGER-774:
------------------------------------
Summary: security issue with ranger hive authorization with export
Key: RANGER-774
URL: https://issues.apache.org/jira/browse/RANGER-774
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 0.5.0
Reporter: Deepak Sharma
Assignee: Alok Lal
Priority: Critical
Fix For: 0.5.0
Details
Type: Bug
Status:OPEN (View Workflow)
Priority: Critical
Resolution: Unresolved
Affects Version/s:
Dal-M20
Fix Version/s:
Dal-M20
Component/s:
Ranger
Labels:
Ranger system_Test
OS:
All
DB:
MySQL 5.6
Security:
Secure
Wire Encryption:
Off
Tez : Off
Ranger:
On
Description
Export command in hive is violating security condition in following scenario:
#EXPORT command if SELECT permission is not there (partitioned table)1. create a partitioned table with only select permission (hive ranger policy) for user1
2. create a hdfs dir ( should be accessible to user1 - rwx)
3. check there should be no ranger policy (hdfs) for user1
4. try to export export a partition to this hdfs dir using user1 and check the result
#EXPORT a sepecific partition command if SELECT permission is not there (partitioned table)
1. create a partitioned table with no permission (no hive ranger policy) for user1
2. create a hdfs dir ( should be accessible to user1 - rwx)
3. check there should be no ranger policy (hdfs) for user1
4. try to export a partition to this hdfs dir using user1 and check the result
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)