[jira] [Commented] (HIVE-4487) Hive does not set explicit permissions on hive.exec.scratchdir

Thu, 19 Sep 2013 08:29:25 -0700 

    [ 
https://issues.apache.org/jira/browse/HIVE-4487?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13771954#comment-13771954
 ] 

Brock Noland commented on HIVE-4487:
------------------------------------

Full error message from: 
http://ec2-174-129-184-35.compute-1.amazonaws.com/logs/PreCommit-HIVE-Build-813/failed/TestParseNegative/hive.log

{noformat}
20_510_7475863120290716577-1/-ext-10000 to 0777
java.io.IOException: Failed to set permissions of path: 
/home/hiveptest/ip-10-74-50-170-hiveptest-2/apache-svn-trunk-source/build/ql/scratchdir/hive_2013-09-18_19-22-20_510_7475863120290716577-1/-ext-10000
 to 0777
        at org.apache.hadoop.fs.FileUtil.checkReturnValue(FileUtil.java:689)
        at org.apache.hadoop.fs.FileUtil.setPermission(FileUtil.java:662)
        at 
org.apache.hadoop.fs.RawLocalFileSystem.setPermission(RawLocalFileSystem.java:509)
        at 
org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:344)
        at 
org.apache.hadoop.fs.FilterFileSystem.mkdirs(FilterFileSystem.java:189)
        at 
org.apache.hadoop.fs.FilterFileSystem.mkdirs(FilterFileSystem.java:189)
        at org.apache.hadoop.fs.ProxyFileSystem.mkdirs(ProxyFileSystem.java:217)
        at 
org.apache.hadoop.fs.FilterFileSystem.mkdirs(FilterFileSystem.java:189)
        at org.apache.hadoop.fs.FileSystem.mkdirs(FileSystem.java:1126)
        at org.apache.hadoop.hive.ql.exec.CopyTask.execute(CopyTask.java:74)
        at org.apache.hadoop.hive.ql.exec.Task.executeTask(Task.java:151)
        at 
org.apache.hadoop.hive.ql.exec.TaskRunner.runSequential(TaskRunner.java:65)
        at org.apache.hadoop.hive.ql.Driver.launchTask(Driver.java:1415)
        at org.apache.hadoop.hive.ql.Driver.execute(Driver.java:1193)
        at org.apache.hadoop.hive.ql.Driver.runInternal(Driver.java:1021)
        at org.apache.hadoop.hive.ql.Driver.run(Driver.java:889)
        at org.apache.hadoop.hive.ql.QTestUtil.runLoadCmd(QTestUtil.java:539)
        at org.apache.hadoop.hive.ql.QTestUtil.createSources(QTestUtil.java:586)
        at org.apache.hadoop.hive.ql.QTestUtil.init(QTestUtil.java:678)
        at 
org.apache.hadoop.hive.ql.parse.TestParseNegative.runTest(TestParseNegative.java:248)
        at 
org.apache.hadoop.hive.ql.parse.TestParseNegative.testParseNegative_ambiguous_join_col(TestParseNegative.java:117)
{noformat}
                
> Hive does not set explicit permissions on hive.exec.scratchdir
> --------------------------------------------------------------
>
>                 Key: HIVE-4487
>                 URL: https://issues.apache.org/jira/browse/HIVE-4487
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 0.10.0
>            Reporter: Joey Echeverria
>            Assignee: Chaoyu Tang
>             Fix For: 0.12.0
>
>         Attachments: HIVE-4487.patch
>
>
> The hive.exec.scratchdir defaults to /tmp/hive-$\{user.name\}, but when Hive 
> creates this directory it doesn't set any explicit permission on it. This 
> means if you have the default HDFS umask setting of 022, then these 
> directories end up being world readable. These permissions also get applied 
> to the staging directories and their files, thus leaving inter-stage data 
> world readable.
> This can cause a potential leak of data especially when operating on a 
> Kerberos enabled cluster. Hive should probably default these directories to 
> only be readable by the owner.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to