[jira] [Commented] (HIVE-6093) table creation should fail when user does not have permissions on db

Thu, 14 Aug 2014 22:36:51 -0700 

    [ 
https://issues.apache.org/jira/browse/HIVE-6093?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14098196#comment-14098196
 ] 

Hive QA commented on HIVE-6093:
-------------------------------



{color:red}Overall{color}: -1 no tests executed

Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12661968/HIVE-6093.1.patch

Test results: 
http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/325/testReport
Console output: 
http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/325/console
Test logs: 
http://ec2-174-129-184-35.compute-1.amazonaws.com/logs/PreCommit-HIVE-TRUNK-Build-325/

Messages:
{noformat}
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Tests exited with: IllegalArgumentException: No propertifies found in file: 
mainProperties for property: spark.query.files
{noformat}

This message is automatically generated.

ATTACHMENT ID: 12661968

> table creation should fail when user does not have permissions on db
> --------------------------------------------------------------------
>
>                 Key: HIVE-6093
>                 URL: https://issues.apache.org/jira/browse/HIVE-6093
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization, HCatalog, Metastore
>    Affects Versions: 0.12.0, 0.13.0
>            Reporter: Thiruvel Thirumoolan
>            Assignee: Thiruvel Thirumoolan
>            Priority: Minor
>              Labels: authorization, metastore, security
>             Fix For: 0.14.0
>
>         Attachments: HIVE-6093-1.patch, HIVE-6093.1.patch, HIVE-6093.patch
>
>
> Its possible to create a table under a database where the user does not have 
> write permission. It can be done by specifying a LOCATION where the user has 
> write access (say /tmp/foo). This should be restricted.
> HdfsAuthorizationProvider (which typically runs on client) checks the 
> database directory during table creation. But 
> StorageBasedAuthorizationProvider does not.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to