Jason Dere created HIVE-7872:
--------------------------------
Summary: StorageBasedAuthorizationProvider should check access
perms of parent directory for DROP actions
Key: HIVE-7872
URL: https://issues.apache.org/jira/browse/HIVE-7872
Project: Hive
Issue Type: Bug
Components: Authorization
Reporter: Jason Dere
When dropping a table partition, StorageBasedAuthorizationProvider is checking
for write permission on the partition directory itself to check if the user is
allowed to drop the partition. However to delete the partition directory, you
really need write perms on the parent directory of the file you are going to
delete. So SBA will authorize the user to drop the partition but actually
deleting the partition directory will fail if the user does not have the
correct access on the table (parent) directory.
SBA should also check the parent directory for DROP actions during its auth
check.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
