[jira] [Commented] (HIVE-2079) The warehouse directory shouldn't be 777'ed

Wed, 30 Mar 2011 10:53:47 -0700 

    [ 
https://issues.apache.org/jira/browse/HIVE-2079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13013557#comment-13013557
 ] 

Devaraj Das commented on HIVE-2079:
-----------------------------------

Edward, at Yahoo!, we run the thrift server as a standalone metastore server, 
and there the problem can be handled. The solution is still under investigation 
but here is the flow of the directory creations and permission settings:
1) Have the real warehouse directory owned by the hive-thrift-server user and 
let that have 755 permissions.
2) Have a temp warehouse directory for staging the creation of 
tables/databases, and let that have 777 permissions.
3) When a user issues a create_table/database command, the hive-thrift-server 
creates the corresponding directory in the temp location. This operation 
happens as the user in question and the directory ends up getting owned by the 
user.
4) The hive-thrift-server then moves the directory to the real warehouse 
directory. This operation is done as the hive-thrift-server user.Since the temp 
directory has 777 permissions, and the real warehouse directory is owned by the 
hive-thrift-server user, the move will succeed.

With all the work that has been done in mostly HIVE-1842 & HIVE-1696, the above 
seems possible.

Granted, this won't work when hive runs in the fat-client mode. So, most 
likely, we will make the above be based on whether metastore is running in the 
local mode or not (hive.metastore.local config).

Makes sense ?

> The warehouse directory shouldn't be 777'ed
> -------------------------------------------
>
>                 Key: HIVE-2079
>                 URL: https://issues.apache.org/jira/browse/HIVE-2079
>             Project: Hive
>          Issue Type: Bug
>          Components: Metastore, Security
>            Reporter: Devaraj Das
>            Assignee: Mac Yang
>             Fix For: 0.8.0
>
>
> The warehouse directory is created with a permissions of 777. This is to 
> allow any user to successfully create database/table directories there. The 
> security issue is that anyone can delete any directory in the warehouse. We 
> should fix this hole.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to