[ https://issues.apache.org/jira/browse/HIVE-4487?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13769116#comment-13769116 ]
Hive QA commented on HIVE-4487: ------------------------------- {color:green}Overall{color}: +1 all checks pass Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12589262/HIVE-4487.patch {color:green}SUCCESS:{color} +1 3125 tests passed Test results: https://builds.apache.org/job/PreCommit-HIVE-Build/770/testReport Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/770/console Messages: {noformat} Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase {noformat} This message is automatically generated. > Hive does not set explicit permissions on hive.exec.scratchdir > -------------------------------------------------------------- > > Key: HIVE-4487 > URL: https://issues.apache.org/jira/browse/HIVE-4487 > Project: Hive > Issue Type: Bug > Affects Versions: 0.10.0 > Reporter: Joey Echeverria > Assignee: Chaoyu Tang > Attachments: HIVE-4487.patch > > > The hive.exec.scratchdir defaults to /tmp/hive-$\{user.name\}, but when Hive > creates this directory it doesn't set any explicit permission on it. This > means if you have the default HDFS umask setting of 022, then these > directories end up being world readable. These permissions also get applied > to the staging directories and their files, thus leaving inter-stage data > world readable. > This can cause a potential leak of data especially when operating on a > Kerberos enabled cluster. Hive should probably default these directories to > only be readable by the owner. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira