[ https://issues.apache.org/jira/browse/HIVE-15120?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15646907#comment-15646907 ]
Lefty Leverenz commented on HIVE-15120:
---------------------------------------

Review: The description of *hive.metastore.authorization.storage.check.externaltable.drop* in HiveConf.java is indented by one extra space on lines 2, 3, and 4, but should be the same as line 1.

{code} + "Should StorageBasedAuthorization check permission of the storage before dropping external table.\n" + + "StorageBasedAuthorization already does this check for managed table. For external table however,\n" + + "anyone has read permission of the directory could drop external table, which is surprising.\n" + + "The flag set to false by default to maintain backward compatibility."), {code}

Edits:
* "anyone has read permission" -> "anyone who has read permission"
* "The flag set to false" -> "The flag is set to false"

> Storage based auth: allow option to enforce write checks for external tables
> ----------------------------------------------------------------------------
>
>                 Key: HIVE-15120
>                 URL: https://issues.apache.org/jira/browse/HIVE-15120
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>            Reporter: Thejas M Nair
>            Assignee: Daniel Dai
>         Attachments: HIVE-15120.1.patch, HIVE-15120.2.patch,
> HIVE-15120.3.patch
>
>
> Under storage based authorization, we don't require write permissions on
> table directory for external table create/drop.
> This is because external table contents are populated often from outside of
> hive and are not written into from hive. So write access is not needed. Also,
> we can't require write permissions to drop a table if we don't require them
> for creation (users who created them should be able to drop them).
> However, this difference in behavior of external tables is not well
> documented. So users get surprised to learn that drop table can be done by
> just any user who has read access to the directory. At that point changing
> the large number of scripts that use external tables is hard.
> It would be good to have a user config option to have external tables to be
> treated same as managed tables.
> The option should be off by default, so that the behavior is backward
> compatible by default.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
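
Review bot: in the first string of the quoted HiveConf.java description, "check permission of the storage" does not say which permission is checked. The issue is about enforcing write checks for external tables, so the description should name it, for example "check write permission of the storage". The same strings would also read better with plurals ("for managed tables", "For external tables however").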
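
One way to gauge the impact of turning the option on, as an added example that is not from the issue, the patch, or Hive's code base: it parses a constructed `hdfs dfs -ls -d` style listing of external table directories and reports which permission classes have read but not write access, that is, who can drop the table while the flag is false and would be refused once the write check is enforced. The paths, owners and groups are made up, and HDFS ACL entries are not evaluated.

```python
# Added example, not Hive code. The listing below is constructed sample data
# in the column layout printed by `hdfs dfs -ls -d <dir>`.
SAMPLE_LS = """\
drwxr-xr-x   - etl analytics          0 2016-11-07 10:00 /data/ext/sales
drwxrwx---   - etl analytics          0 2016-11-07 10:00 /data/ext/hr
drwxr-x---   - etl analytics          0 2016-11-07 10:00 /data/ext/logs
drwx------   - etl analytics          0 2016-11-07 10:00 /data/ext/private
"""


def read_only_classes(mode):
    """Return the permission classes with 'r' but no 'w' in a mode string
    such as 'drwxr-xr-x'. A trailing '+' (ACL marker) is ignored; ACL
    entries themselves are not evaluated here."""
    bits = mode[1:10]
    classes = {"owner": bits[0:3], "group": bits[3:6], "other": bits[6:9]}
    return [name for name, rwx in classes.items()
            if rwx[0] == "r" and rwx[1] != "w"]


def parse_ls(text):
    """Yield (path, owner, group, mode) for each directory line."""
    for line in text.splitlines():
        fields = line.split(None, 7)  # the path is the 8th field and may contain spaces
        if len(fields) != 8 or not fields[0].startswith("d"):
            continue  # skip "Found N items" headers, files and blank lines
        mode, _repl, owner, group, _size, _date, _time, path = fields
        yield path, owner, group, mode


def drop_exposure(text):
    """Map each directory to the classes that can read but not write it.
    With the flag false these classes can drop an external table stored
    there; with the flag true the write check refuses them."""
    report = {}
    for path, _owner, _group, mode in parse_ls(text):
        classes = read_only_classes(mode)
        if classes:
            report[path] = classes
    return report


if __name__ == "__main__":
    for path, classes in drop_exposure(SAMPLE_LS).items():
        print(f"{path}: read-only for {', '.join(classes)}")
```
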