GitHub user VicoWu opened a pull request:
https://github.com/apache/hive/pull/504
fix the UGI problem when reading ORC files
As mentioned in SPARK-11248, the spark thrift server have security bugs ,
cause the result that user A sometimes have the authority of user B and User B
sometimes have the authority of user A in turn. I debugged it and I find that
it is caused by the hive 1.2.1 library , OrcInputFormat.java, in which a thread
pool is created to contact with remote HDFS. Since threads in pool is reused
and shared, so , when thread-1-pool-1 is used by user A previously and after
that user B is assigned to this thread in coincidence, then user B will have
the security context of User A.
I have fixed this bug by add UserGroupInformation in this pool, to make
sure that when a user is assigned a thread, then the security is switched to
this user at the same time.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/VicoWu/hive hotfix-ugi-problem-for-thrift
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/hive/pull/504.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #504
----
commit e086a98393ab2d68d4750dff4aa07a991a030e6d
Author: Chang Wu <chang.wu@...>
Date: 2018-12-10T03:20:26Z
fix the UGI problem when reading ORC files
----
---
