[
https://issues.apache.org/jira/browse/HIVE-4487?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13771713#comment-13771713
]
Hudson commented on HIVE-4487:
------------------------------
FAILURE: Integrated in Hive-trunk-h0.21 #2341 (See
[https://builds.apache.org/job/Hive-trunk-h0.21/2341/])
HIVE-5313 - HIVE-4487 breaks build because 0.20.2 is missing
FSPermission(string) (brock:
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1524578)
* /hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java
HIVE-4487 - Hive does not set explicit permissions on hive.exec.scratchdir
(Chaoyu Tang via Brock Noland) (brock:
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1524509)
* /hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
* /hive/trunk/ql/src/java/org/apache/hadoop/hive/ql/Context.java
> Hive does not set explicit permissions on hive.exec.scratchdir
> --------------------------------------------------------------
>
> Key: HIVE-4487
> URL: https://issues.apache.org/jira/browse/HIVE-4487
> Project: Hive
> Issue Type: Bug
> Affects Versions: 0.10.0
> Reporter: Joey Echeverria
> Assignee: Chaoyu Tang
> Fix For: 0.12.0
>
> Attachments: HIVE-4487.patch
>
>
> The hive.exec.scratchdir defaults to /tmp/hive-$\{user.name\}, but when Hive
> creates this directory it doesn't set any explicit permission on it. This
> means if you have the default HDFS umask setting of 022, then these
> directories end up being world readable. These permissions also get applied
> to the staging directories and their files, thus leaving inter-stage data
> world readable.
> This can cause a potential leak of data especially when operating on a
> Kerberos enabled cluster. Hive should probably default these directories to
> only be readable by the owner.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
