Riju Trivedi created HIVE-23339:
-----------------------------------
Summary: SBA does not check permissions for DB location specified
in Create database query
Key: HIVE-23339
URL: https://issues.apache.org/jira/browse/HIVE-23339
Project: Hive
Issue Type: Bug
Components: Hive
Affects Versions: 3.1.0
Reporter: Riju Trivedi
Assignee: Shubham Chaurasia
With doAs=true and StorageBasedAuthorization provider, create database with
specific location succeeds even if user doesn't have access to that path.
{code:java}
hadoop fs -ls -d /tmp/cannot_write
drwx------ - hive hadoop 0 2020-04-01 22:53 /tmp/cannot_write
create a database under /tmp/cannot_write. We would expect it to fail, but is
actually created successfully with "hive" as the owner:
rtrivedi@bdp01:~> beeline -e "create database rtrivedi_1 location
'/tmp/cannot_write/rtrivedi_1'"
INFO : OK
No rows affected (0.116 seconds)
hive@hpchdd2e:~> hadoop fs -ls /tmp/cannot_write
Found 1 items
drwx------ - hive hadoop 0 2020-04-01 23:05 /tmp/cannot_write/rtrivedi_1
{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
