WebHCatJTShim23 takes UserGroupInformation object as argument (which represents the user make the call to WebHCat or doAs user) but ignores.
WebHCatJTShim20S uses the UserGroupInformation
This is inconsistent and may be a security hole because in with Hadoop 2 the methods on WebHCatJTShim are likely running with 'hcat' as the user context.
|Status||Patch Available [ 10002 ]||Resolved [ 5 ]|
|Fix Version/s||0.13.0 [ 12324986 ]|
|Resolution||Fixed [ 1 ]|