Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Plain View
Hive, mail # user - metastore security issue


+
Shunichi Otsuka 2013-07-04, 05:27
Copy link to this message
-
RE: metastore security issue
Shunichi Otsuka 2013-07-04, 09:43
One setting was missing:
hive.metastore.authorization.storage.checks   true

This solves the problem

-----Original Message-----
From: Shunichi Otsuka [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 04, 2013 2:28 PM
To: [EMAIL PROTECTED]
Subject: metastore security issue

I am trying to setup hive securely doing authorization at the metastore. However there is a problem.
I have relied on hive JIRA HIVE-3705 to decide the configuration which were set as below:

javax.jdo.option.ConnectionURL                    jdbc
javax.jdo.option.ConnectionDriverName             java.database.jdbc.mysql
javax.jdo.option.ConnectionUserName               hive
javax.jdo.option.ConnectionPassword               userpass
hive.metastore.execute.setugi                     true
hive.metastore.uris                               thrift://thriftserver.example.com:9083
hive.metastore.sasl.enabled                       true
hive.metastore.kerberos.keytab.file               /etc/grid-keytabs/hive.keytab
hive.metastore.kerberos.principal                 hive/[EMAIL PROTECTED]
hive.security.metastore.authorization.enabled     true
hive.security.metastore.authenticator.manager     org.apache.hadoop.hive.ql.security.HadoopDefaultMetastoreAuthenticator
hive.security.metastore.authorization.manager     org.apache.hadoop.hive.ql.security.authorization.DefaultHiveMetastoreAuthorizationProvider
hive.security.authorization.enabled               false
However this does authorize an unauthorized user to drop a table or database from the metastore as below:

alice> create database db1 location '/user/alice/warehouse/db1.db';
[The permission of db1.db is drwx------ alice:users] However,
bob> drop database db1;
OK

This should not happen, so why is it happening? Is my setting wrong or is it that the code has not covered this case?
If it is that it has not been implemented yet, what measures have you taken to avoid malicious users from dropping other users' database/tables?

Java version  is 1.6.0_33
hive version is 0.11

Thanks