Hive
  1. Hive
  2. HIVE-5635

WebHCatJTShim23 ignores security/user context

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.12.0
    • Fix Version/s: 0.13.0
    • Component/s: WebHCat
    • Labels:
      None

      Description

      WebHCatJTShim23 takes UserGroupInformation object as argument (which represents the user make the call to WebHCat or doAs user) but ignores.

      WebHCatJTShim20S uses the UserGroupInformation

      This is inconsistent and may be a security hole because in with Hadoop 2 the methods on WebHCatJTShim are likely running with 'hcat' as the user context.

      1. HIVE-5635.patch
        1 kB
        Eugene Koifman
      2. HIVE-5635.3.patch
        1 kB
        Eugene Koifman
      3. HIVE-5635.2.patch
        1 kB
        Eugene Koifman

        Activity

        Eugene Koifman created issue -
        Eugene Koifman made changes -
        Field Original Value New Value
        Attachment HIVE-5635.patch [ 12610389 ]
        Eugene Koifman made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Eugene Koifman made changes -
        Attachment HIVE-5635.2.patch [ 12613732 ]
        Eugene Koifman made changes -
        Status Patch Available [ 10002 ] Open [ 1 ]
        Eugene Koifman made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Eugene Koifman made changes -
        Status Patch Available [ 10002 ] Open [ 1 ]
        Eugene Koifman made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Eugene Koifman made changes -
        Attachment HIVE-5635.3.patch [ 12614535 ]
        Thejas M Nair made changes -
        Status Patch Available [ 10002 ] Resolved [ 5 ]
        Fix Version/s 0.13.0 [ 12324986 ]
        Resolution Fixed [ 1 ]

          People

          • Assignee:
            Eugene Koifman
            Reporter:
            Eugene Koifman
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development