hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thejas M Nair (JIRA)" <>
Subject [jira] [Commented] (HIVE-17606) Improve security for DB notification related APIs
Date Thu, 28 Sep 2017 18:06:06 GMT


Thejas M Nair commented on HIVE-17606:

I see one possible issue with the test case. 
If the "rsp = metaStoreClient.getNextNotification(firstEventId, 0, null);" that is supposed
to work throws an exception, the test would still pass. Is that right ?

> Improve security for DB notification related APIs
> -------------------------------------------------
>                 Key: HIVE-17606
>                 URL:
>             Project: Hive
>          Issue Type: Improvement
>          Components: Metastore
>            Reporter: Tao Li
>            Assignee: Tao Li
>         Attachments: HIVE-17606.1.patch, HIVE-17606.2.patch, HIVE-17606.3.patch, HIVE-17606.4.patch,
HIVE-17606.5.patch, HIVE-17606.6.patch, HIVE-17606.7.patch, HIVE-17606.8.patch
> The purpose is to make sure only the superusers which are specified in the proxyuser
settings can make the db notification related API calls, since this is supposed to be called
by superuser/admin instead of any end user.

This message was sent by Atlassian JIRA

View raw message