[
https://issues.apache.org/jira/browse/HIVE-16497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated HIVE-16497:
----------------------------------
Labels: pull-request-available (was: )
> FileUtils. isActionPermittedForFileHierarchy, isOwnerOfFileHierarchy file
> system operations should be impersonated
> ------------------------------------------------------------------------------------------------------------------
>
> Key: HIVE-16497
> URL: https://issues.apache.org/jira/browse/HIVE-16497
> Project: Hive
> Issue Type: Bug
> Components: Authorization
> Reporter: Thejas Nair
> Assignee: Thejas Nair
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.0.0
>
> Attachments: HIVE-16497.1.patch, HIVE-16497.2.patch
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> FileUtils.isActionPermittedForFileHierarchy checks if user has permissions
> for given action. The checks are made by impersonating the user.
> However, the listing of child dirs are done as the hiveserver2 user. If the
> hive user doesn't have permissions on the filesystem, it gives incorrect
> error that the user doesn't have permissions to perform the action.
> Impersonating the end user for all file operations in that function is also
> logically correct thing to do.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
