[
https://issues.apache.org/jira/browse/DRILL-3041?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Venki Korukanti updated DRILL-3041:
-----------------------------------
Fix Version/s: (was: 1.1.0)
1.2.0
> Impersonation-user can create view against file that user doesn't have read
> access to
> -------------------------------------------------------------------------------------
>
> Key: DRILL-3041
> URL: https://issues.apache.org/jira/browse/DRILL-3041
> Project: Apache Drill
> Issue Type: Bug
> Components: Execution - RPC
> Affects Versions: 1.0.0
> Reporter: Krystal
> Assignee: Venki Korukanti
> Fix For: 1.2.0
>
>
> git.commit.id.abbrev=d10769f
> I have a file that has the following permission:
> -rwx------ 3 qa2 users 63078 2015-01-30 21:19
> /drill/testdata/csv/voter.csv
> The directory right above the file has the following permission:
> drwxr-xr-x - qa2 users 3 2015-05-12 14:22 /drill/testdata/csv
> Logged into sqlline as a different user and attempted to create a view:
> 0: jdbc:drill:schema=dfs.root> CREATE VIEW `dfs.qa1`.`test_v4` AS SELECT
> columns[0] as column_0, columns[1] as column_1, columns[2] as column_2,
> columns[3] as column_3, columns[4] as column_4, columns[5] as column_5,
> columns[6] as column_6 FROM `dfs`.`default`.`drill/testdata/csv/voter.csv`
> LIMIT 100;
> The view got created successfully. However if I tried to read from the view,
> I can't because of the lack of permission to the voter.csv table:
> 0: jdbc:drill:schema=dfs.root> select * from `dfs.qa1`.`test_v4`;
> Error: SYSTEM ERROR: org.apache.hadoop.security.AccessControlException: Open
> failed for file: /drill/testdata/csv/voter.csv, error: Permission denied (13)
> Currently drill only check if the folder contains correct permission and not
> at the file level when creating views. It seems odd that a user is allowed
> to create the view then not being able to access it afterwards.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
