Vugar Karimli created HIVE-17252:
------------------------------------
Summary: Insecure YARN Fair Scheduler when using HiveServer2 non-impersonation mode
Key: HIVE-17252
URL: https://issues.apache.org/jira/browse/HIVE-17252
Project: Hive
Issue Type: Bug
Affects Versions: 1.1.0
Reporter: Vugar Karimli

Hi,

I am using Hive version 1.1.0 with Hadoop 2.6.0. As you know, when Kerberos and
Sentry are enabled in a Hadoop cluster, HiveServer2 user impersonation should be
turned off (hive.server2.enable.doAs=false) to force all queries in the
background to be executed by the hive user instead of the logged-in user.

In this case, by default HiveServer2 takes the Fair Scheduler into account and
sets the mapreduce.job.queuename parameter according to the logged-in Hive
username and correctly executes the query in the user's YARN queue. For example,
in the root.users.user_name queue.

But the problem here is that any user can modify the mapreduce.job.queuename
parameter, setting another user's queue name (set
mapreduce.job.queuename=root.users.other_user_name), and execute a query in
another user's YARN queue. Here the YARN queue's ACL also doesn't help, because
all queries are executed by the hive user in YARN, not by the logged-in user.

Is it possible to prevent HiveServer2 users from changing the
mapreduce.job.queuename parameter?

Best Regards,
Vugar.
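
An added detection example, not part of the original report and not Hive code: it flags sessions whose SET statement points the queue property at anything other than the root.users.<user_name> queue described above. The `user=... query=...` record format, the function names and the sample records are assumptions constructed for illustration; the second property name is the deprecated Hadoop alias of mapreduce.job.queuename.

```python
import re

# Matches a Hive "SET <queue property> = <value>" statement. The first name is
# the property from the report; the second is its deprecated Hadoop alias.
QUEUE_SET = re.compile(
    r"^\s*set\s+(mapreduce\.job\.queuename|mapred\.job\.queue\.name)\s*=\s*(\S+?)\s*$",
    re.IGNORECASE,
)

def expected_queue(user):
    """Queue the report says HiveServer2 assigns by default: root.users.<user>."""
    return "root.users." + user

def queue_overrides(user, sql):
    """Return queue names the session sets that are not the user's own queue."""
    hits = []
    for stmt in sql.split(";"):  # naive split: adequate for SET statements
        m = QUEUE_SET.match(stmt)
        if m:
            queue = m.group(2).strip("'\"")
            if queue != expected_queue(user):
                hits.append(queue)
    return hits

def scan(lines):
    """Parse assumed 'user=<name> query=<sql>' records into (user, queue) findings."""
    findings = []
    for line in lines:
        m = re.match(r"user=(\S+)\s+query=(.*)$", line)
        if not m:
            continue  # skip records that do not follow the assumed format
        for queue in queue_overrides(m.group(1), m.group(2)):
            findings.append((m.group(1), queue))
    return findings

# Constructed sample records (not real HiveServer2 log output).
SAMPLE = [
    "user=alice query=select count(*) from sales",
    "user=alice query=set mapreduce.job.queuename=root.users.alice",
    "user=bob query=SET mapreduce.job.queuename = root.users.alice; select * from t",
    "user=carol query=set mapred.job.queue.name=root.users.bob",
    "user=dave query=set hive.exec.parallel=true",
]

if __name__ == "__main__":
    for user, queue in scan(SAMPLE):
        print(f"{user} requested queue {queue}, expected {expected_queue(user)}")
```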