Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-5635

WebHCatJTShim23 ignores security/user context

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.12.0
    • Fix Version/s: 0.13.0
    • Component/s: WebHCat
    • Labels:
      None

      Description

      WebHCatJTShim23 takes UserGroupInformation object as argument (which represents the user make the call to WebHCat or doAs user) but ignores.

      WebHCatJTShim20S uses the UserGroupInformation

      This is inconsistent and may be a security hole because in with Hadoop 2 the methods on WebHCatJTShim are likely running with 'hcat' as the user context.

        Attachments

        1. HIVE-5635.2.patch
          1 kB
          Eugene Koifman
        2. HIVE-5635.3.patch
          1 kB
          Eugene Koifman
        3. HIVE-5635.patch
          1 kB
          Eugene Koifman

          Activity

            People

            • Assignee:
              ekoifman Eugene Koifman
              Reporter:
              ekoifman Eugene Koifman
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: