[
https://issues.apache.org/jira/browse/HIVE-5989?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thejas M Nair updated HIVE-5989:
--------------------------------
Resolution: Fixed
Fix Version/s: 0.13.0
Status: Resolved (was: Patch Available)
Patch committed to trunk.
Thanks for the contribution Sushanth!
> Hive metastore authorization check is not threadsafe
> ----------------------------------------------------
>
> Key: HIVE-5989
> URL: https://issues.apache.org/jira/browse/HIVE-5989
> Project: Hive
> Issue Type: Bug
> Components: Metastore, Security
> Affects Versions: 0.11.0, 0.12.0, 0.12.1
> Reporter: Sushanth Sowmyan
> Assignee: Sushanth Sowmyan
> Priority: Critical
> Fix For: 0.13.0
>
> Attachments: HIVE-5989.2.patch, HIVE-5989.patch, SleepyAP.patch
>
>
> Metastore-side authorization has a couple of pretty important threadsafety
> bugs in it:
> a) The HiveMetastoreAuthenticated instantiated by the
> AuthorizationPreEventListener is static. This is a premature optimization and
> incorrect, as it will result in Authenticator implementations that store
> state potentially giving an incorrect result, and this bug very much exists
> with the DefaultMetastoreAuthenticator.
> b) It assumes HMSHandler.getHiveConf() is itself going to be thread-safe,
> which it is not. HMSHandler.getConf() is the appropriate thread-safe
> equivalent.
> The effect of this bug is that if there are two users that are concurrently
> running jobs on the metastore, we might :
> a) Allow a user to do something they didn't have permission to, because the
> other person did. (Security hole)
> b) Disallow a user from doing something they should have permission to (More
> common - annoying and can cause job failures)
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
