[jira] [Assigned] (DRILL-3820) Nested Directories : Metadata Cache in a directory stores information from sub-directories as well creating security issues
[ https://issues.apache.org/jira/browse/DRILL-3820?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Parth Chandra reassigned DRILL-3820: Assignee: Parth Chandra (was: Aman Sinha) > Nested Directories : Metadata Cache in a directory stores information from > sub-directories as well creating security issues > --- > > Key: DRILL-3820 > URL: https://issues.apache.org/jira/browse/DRILL-3820 > Project: Apache Drill > Issue Type: Bug > Components: Metadata >Reporter: Rahul Challapalli >Assignee: Parth Chandra >Priority: Critical > Fix For: 1.3.0 > > > git.commit.id.abbrev=3c89b30 > User A has access to lineitem folder and its subfolders > User B had access to lineitem folder but not its sub-folders. > Now when User A runs the "refresh table metadata lineitem" command, the cache > file gets created under lineitem folder. This file contains information from > the underlying sub-directories as well. > Now User B can download this file and get access to information which he > should not be seeing in the first place. > This can be very easily reproducible if impersonation is enabled on the > cluster. > Let me know if you need more information to reproduce this issue -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Assigned] (DRILL-3820) Nested Directories : Metadata Cache in a directory stores information from sub-directories as well creating security issues
[ https://issues.apache.org/jira/browse/DRILL-3820?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Steven Phillips reassigned DRILL-3820: -- Assignee: Steven Phillips > Nested Directories : Metadata Cache in a directory stores information from > sub-directories as well creating security issues > --- > > Key: DRILL-3820 > URL: https://issues.apache.org/jira/browse/DRILL-3820 > Project: Apache Drill > Issue Type: Bug > Components: Metadata >Reporter: Rahul Challapalli >Assignee: Steven Phillips >Priority: Critical > Fix For: 1.2.0 > > > git.commit.id.abbrev=3c89b30 > User A has access to lineitem folder and its subfolders > User B had access to lineitem folder but not its sub-folders. > Now when User A runs the "refresh table metadata lineitem" command, the cache > file gets created under lineitem folder. This file contains information from > the underlying sub-directories as well. > Now User B can download this file and get access to information which he > should not be seeing in the first place. > This can be very easily reproducible if impersonation is enabled on the > cluster. > Let me know if you need more information to reproduce this issue -- This message was sent by Atlassian JIRA (v6.3.4#6332)
