[
https://issues.apache.org/jira/browse/HIVE-7872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thejas M Nair resolved HIVE-7872.
---------------------------------
Resolution: Duplicate
Fixed as part of HIVE-7895
> StorageBasedAuthorizationProvider should check access perms of parent
> directory for DROP actions
> ------------------------------------------------------------------------------------------------
>
> Key: HIVE-7872
> URL: https://issues.apache.org/jira/browse/HIVE-7872
> Project: Hive
> Issue Type: Bug
> Components: Authorization
> Reporter: Jason Dere
> Assignee: Thejas M Nair
>
> When dropping a table partition, StorageBasedAuthorizationProvider is
> checking for write permission on the partition directory itself to check if
> the user is allowed to drop the partition. However to delete the partition
> directory, you really need write perms on the parent directory of the file
> you are going to delete. So SBA will authorize the user to drop the partition
> but actually deleting the partition directory will fail if the user does not
> have the correct access on the table (parent) directory.
> SBA should also check the parent directory for DROP actions during its auth
> check.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
