[jira] [Commented] (RANGER-3298) Add coarse URI check for Hive Agent

Pradeep Agrawal (Jira) Wed, 08 Dec 2021 20:28:05 -0800


    [ 
https://issues.apache.org/jira/browse/RANGER-3298?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17456136#comment-17456136
 ]


Pradeep Agrawal commented on RANGER-3298:
-----------------------------------------

PMD fix RR link : https://reviews.apache.org/r/73750/

Commits Link : 

https://github.com/apache/ranger/commit/fcea57497766576c97591801fcd81e63b9a532b0

https://github.com/apache/ranger/commit/00dd3fcd88aa6e10bf1f2e3a68c76a85c7218de2

> Add coarse URI check for Hive Agent
> -----------------------------------
>
>                 Key: RANGER-3298
>                 URL: https://issues.apache.org/jira/browse/RANGER-3298
>             Project: Ranger
>          Issue Type: Improvement
>          Components: plugins
>            Reporter: Janus Chow
>            Priority: Major
>             Fix For: 3.0.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> In `RangerHiveAuthorizer`, the function of `checkPrivileges` will check the 
> permission for the `HivePrivilegeObject` with 
> `FileUtils.isActionPermittedForFileHierarchy`, and this method will check the 
> permission for all the files under the related directory by default.
> For a large table with thousands of files, this operation will take a long 
> time, leading to breaking the SLA. Besides, in the default implementation of 
> `StorageBasedAuthorizationProvider` in Hive, only the directories will be 
> checked too. 
> This ticket is to add a config for users to do a coarse check for URI 
> permission check. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-3298) Add coarse URI check for Hive Agent

Reply via email to