[
https://issues.apache.org/jira/browse/HIVE-2079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13104063#comment-13104063
]
Ashutosh Chauhan commented on HIVE-2079:
----------------------------------------
Apart from permissions of warehouse dir, ownership of warehouse dir also needs
to be fixed. On a fresh install, warehouse directory doesn't get created while
metastore server is starting and first client doing any filesystem operation
ends up being its owner. We already have checkForDefaultDb(), we similarly need
checkForWarehouseDir().
> The warehouse directory shouldn't be 777'ed
> -------------------------------------------
>
> Key: HIVE-2079
> URL: https://issues.apache.org/jira/browse/HIVE-2079
> Project: Hive
> Issue Type: Bug
> Components: Metastore, Security
> Reporter: Devaraj Das
> Assignee: Mac Yang
>
> The warehouse directory is created with a permissions of 777. This is to
> allow any user to successfully create database/table directories there. The
> security issue is that anyone can delete any directory in the warehouse. We
> should fix this hole.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
