[ https://issues.apache.org/jira/browse/DRILL-3041?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Venki Korukanti reassigned DRILL-3041: -------------------------------------- Assignee: Venki Korukanti (was: Jacques Nadeau) > Impersonation-user can create view against file that user doesn't have read > access > ----------------------------------------------------------------------------------- > > Key: DRILL-3041 > URL: https://issues.apache.org/jira/browse/DRILL-3041 > Project: Apache Drill > Issue Type: Bug > Components: Execution - RPC > Affects Versions: 1.0.0 > Reporter: Krystal > Assignee: Venki Korukanti > Fix For: 1.1.0 > > > git.commit.id.abbrev=d10769f > I have a file that has the following permission: > -rwx------ 3 qa2 users 63078 2015-01-30 21:19 > /drill/testdata/csv/voter.csv > The directory right above the file has the following permission: > drwxr-xr-x - qa2 users 3 2015-05-12 14:22 /drill/testdata/csv > Logged into sqlline as a different user and attempted to create a view: > 0: jdbc:drill:schema=dfs.root> CREATE VIEW `dfs.qa1`.`test_v4` AS SELECT > columns[0] as column_0, columns[1] as column_1, columns[2] as column_2, > columns[3] as column_3, columns[4] as column_4, columns[5] as column_5, > columns[6] as column_6 FROM `dfs`.`default`.`drill/testdata/csv/voter.csv` > LIMIT 100; > The view got created successfully. However if I tried to read from the view, > I can't because of the lack of permission to the voter.csv table: > 0: jdbc:drill:schema=dfs.root> select * from `dfs.qa1`.`test_v4`; > Error: SYSTEM ERROR: org.apache.hadoop.security.AccessControlException: Open > failed for file: /drill/testdata/csv/voter.csv, error: Permission denied (13) > Currently drill only check if the folder contains correct permission and not > at the file level when creating views. It seems odd that a user is allowed > to create the view then not being able to access it afterwards. -- This message was sent by Atlassian JIRA (v6.3.4#6332)