Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-8376 Umbrella Jira for HiveServer2 dynamic service discovery
  3. HIVE-8173

HiveServer2 dynamic service discovery: figure out best ZooKeeper ACLs for security

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 0.14.0
    • 0.14.0
    • HiveServer2, JDBC

    Description

      Currently while creating a znode for the ZooKeeper namespace and for server instances, the create mode is: OPEN_ACL_UNSAFE - meaning anyone can read-write. Need to figure out how a more restrictive model can be used: ideally the creator should be read/write/delete and others should be read only

      Attachments

        1. HIVE-8173.3.patch
          16 kB
          Vaibhav Gumashta
        2. HIVE-8173.2.patch
          16 kB
          Vaibhav Gumashta
        3. HIVE-8173.1.patch
          15 kB
          Vaibhav Gumashta

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-8557 automatically setup ZooKeeperTokenStore to use kerberos authentication when kerberos is enabled

          • Major - Major loss of function.
          • Closed
          links to

          Web Link Review Board

          Activity

            People

              vgumashta Vaibhav Gumashta
              vgumashta Vaibhav Gumashta
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: