Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-1126

Authorization checks for non existent file/directory should not be recursive in Ranger Hive authorizer

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 0.5.0, 0.6.0
    • 0.7.0, 0.6.2
    • plugins
    • None

    Description

      When the file path specified in Hive statements like 'create external table' does not exists, Ranger Hive authorizer checks for permissions in all child objects of the given path's parent directory. This can be error prone and also if the parent directory contains a large number of files/directories, this can be an expensive.

      This issue was fixed in Hive SQLStd authorizer in HIVE-10022. Ranger Hive authorizer should be updated similarly.

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            rmani Ramesh Mani
            madhan Madhan Neethiraj
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Issue deployment