[
https://issues.apache.org/jira/browse/HIVE-8893?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14220357#comment-14220357
]
Lefty Leverenz commented on HIVE-8893:
--------------------------------------
Doc questions: Although I removed the TODOC15 label, I wonder whether this
needs more documentation. For example, should
*hive.server2.builtin.udf.whitelist* and *hive.server2.builtin.udf.blacklist*
be added to *hive.conf.restricted.list* to prevent user changes? And should
they be mentioned in the HiveServer2 docs or perhaps the UDF doc?
> Implement whitelist for builtin UDFs to avoid untrused code execution in
> multiuser mode
> ---------------------------------------------------------------------------------------
>
> Key: HIVE-8893
> URL: https://issues.apache.org/jira/browse/HIVE-8893
> Project: Hive
> Issue Type: Bug
> Components: Authorization, HiveServer2, SQL
> Affects Versions: 0.14.0
> Reporter: Prasad Mujumdar
> Assignee: Prasad Mujumdar
> Fix For: 0.15.0
>
> Attachments: HIVE-8893.3.patch, HIVE-8893.4.patch, HIVE-8893.5.patch,
> HIVE-8893.6.patch
>
>
> The udfs like reflect() or java_method() enables executing a java method as
> udf. While this offers lot of flexibility in the standalone mode, it can
> become a security loophole in a secure multiuser environment. For example, in
> HiveServer2 one can execute any available java code with user hive's
> credentials.
> We need a whitelist and blacklist to restrict builtin udfs in Hiveserver2.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
