Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-1126

Authorization checks for non existent file/directory should not be recursive in Ranger Hive authorizer

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.5.0, 0.6.0
    • Fix Version/s: 0.7.0, 0.6.2
    • Component/s: plugins
    • Labels:
      None

      Description

      When the file path specified in Hive statements like 'create external table' does not exists, Ranger Hive authorizer checks for permissions in all child objects of the given path's parent directory. This can be error prone and also if the parent directory contains a large number of files/directories, this can be an expensive.

      This issue was fixed in Hive SQLStd authorizer in HIVE-10022. Ranger Hive authorizer should be updated similarly.

        Attachments

        1. RANGER-1126.patch
          3 kB
          Ramesh Mani

          Activity

            People

            • Assignee:
              rmani Ramesh Mani
              Reporter:
              madhan Madhan Neethiraj
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: