[
https://issues.apache.org/jira/browse/HIVE-23339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17104347#comment-17104347
]
Shubham Chaurasia commented on HIVE-23339:
------------------------------------------
Thanks for the pointers [~rtrivedi12].
Thanks for the review [~mgergely]. Based on our discussion, I agree that it
would be cleaner to have an API with authorizer inputs and outputs rather than
passing the properties in HiveConf as the current patch does.
For context, currently we are having below API in {{HiveAuthorizationProvider}}
{code:java}
public void authorize(Privilege[] readRequiredPriv,
Privilege[] writeRequiredPriv) throws HiveException,
AuthorizationException;
{code}
Now in {{StorageBasedAuthorizationProvider}} we need some additional
information, in this case the custom location of database from 'CREATE
DATABASE' query. Current patch achieves this by passing the location via
HiveConf. To be able to pass inputs and outputs explicitly we would need
something like below -
{code:java}
public void authorize(Privilege[] readRequiredPriv,
Privilege[] writeRequiredPriv, Set<ReadEntity> inputs, Set<WriteEntity>
outputs) throws HiveException,
AuthorizationException;
{code}
But since {{HiveAuthorizationProvider}} is a public/pluggable interface, I am
not sure about modifying it.
[~hashutosh] [~thejas] [~mgergely]
Does the above API look correct ? How to we usually modify authorizer APIs (or
any public API) in hive ? Do we have a doc/guideline for this ?
> SBA does not check permissions for DB location specified in Create database
> query
> ---------------------------------------------------------------------------------
>
> Key: HIVE-23339
> URL: https://issues.apache.org/jira/browse/HIVE-23339
> Project: Hive
> Issue Type: Bug
> Components: Hive
> Affects Versions: 3.1.0
> Reporter: Riju Trivedi
> Assignee: Shubham Chaurasia
> Priority: Critical
> Labels: pull-request-available
> Attachments: HIVE-23339.01.patch
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> With doAs=true and StorageBasedAuthorization provider, create database with
> specific location succeeds even if user doesn't have access to that path.
>
> {code:java}
> hadoop fs -ls -d /tmp/cannot_write
> drwx------ - hive hadoop 0 2020-04-01 22:53 /tmp/cannot_write
> create a database under /tmp/cannot_write. We would expect it to fail, but is
> actually created successfully with "hive" as the owner:
> rtrivedi@bdp01:~> beeline -e "create database rtrivedi_1 location
> '/tmp/cannot_write/rtrivedi_1'"
> INFO : OK
> No rows affected (0.116 seconds)
> hive@hpchdd2e:~> hadoop fs -ls /tmp/cannot_write
> Found 1 items
> drwx------ - hive hadoop 0 2020-04-01 23:05 /tmp/cannot_write/rtrivedi_1
> {code}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
