[
https://issues.apache.org/jira/browse/HIVE-7583?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14095850#comment-14095850
]
Lefty Leverenz commented on HIVE-7583:
--------------------------------------
When 0.14.0 is released, update this note in HCatalog Authorization:
{quote}
Note: Support for HDFS ACL (introduced in Apache Hadoop 2.4) is not available
in the released versions of Hive. Which means, that it checks only the
traditional rwx style permissions to determine if a user can write to the file
system. The support for ACL is available in Hive trunk HIVE-7583, which will be
available in Hive 0.14.
{quote}
* [HCatalog Authorization |
https://cwiki.apache.org/confluence/display/Hive/HCatalog+Authorization]
> Use FileSystem.access() if available to check file access for user
> ------------------------------------------------------------------
>
> Key: HIVE-7583
> URL: https://issues.apache.org/jira/browse/HIVE-7583
> Project: Hive
> Issue Type: Bug
> Reporter: Jason Dere
> Assignee: Jason Dere
> Labels: TODOC14
> Fix For: 0.14.0
>
> Attachments: HIVE-7583.1.patch, HIVE-7583.2.patch, HIVE-7583.3.patch
>
>
> Hive currently implements its own file access checks to determine if a user
> is allowed to perform an specified action on a file path (in
> StorageBasedAuthorizationProvider, also FileUtils). This can be prone to
> errors or inconsistencies with how file access is actually checked in Hadoop.
> HDFS-6570 adds a new FileSystem.access() API, so that we can perform the
> check using the actual HDFS logic rather than having to imitate that behavior
> in Hive. For versions of Hadoop that have this API available, we should use
> this API.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
