Uploaded image for project: 'IMPALA'
  1. IMPALA
  2. IMPALA-1279

Impala does not employ ACLs when checking path permissions for LOAD and INSERT

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Impala 1.4.1
    • Fix Version/s: Impala 2.0
    • Component/s: None
    • Labels:
      None

      Description

      Impala checks permissions for LOAD and INSERT statements before executing them to allow for early-exit if the query would not succeed. However, it does not take extended ACLs in CDH5 into account.

      When a directory has restrictive Posix permissions (e.g. 000), but has an ACL allowing writes, Impala should allow INSERTs and LOADs to happen to that directory. Instead, the early check will disallow them.

      If the checks were disabled, the queries would execute (or not!) correctly, because we delegate to libhdfs or the DistributedFileSystem API to actually perform the operations we need.

        Attachments

          Activity

            People

            • Assignee:
              henryr Henry Robinson
              Reporter:
              henryr Henry Robinson
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: