ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Janus Chow (Jira)" <j...@apache.org>
Subject [jira] [Created] (RANGER-3298) Add coarse URI check for Hive Agent
Date Thu, 27 May 2021 16:13:00 GMT
Janus Chow created RANGER-3298:

             Summary: Add coarse URI check for Hive Agent
                 Key: RANGER-3298
                 URL: https://issues.apache.org/jira/browse/RANGER-3298
             Project: Ranger
          Issue Type: Improvement
          Components: plugins
            Reporter: Janus Chow

In `RangerHiveAuthorizer`, the function of `checkPrivileges` will check the permission for
the `HivePrivilegeObject` with `FileUtils.isActionPermittedForFileHierarchy`, and this method
will check the permission for all the files under the related directory by default.

For a large table with thousands of files, this operation will take a long time, leading to
breaking the SLA. Besides, in the default implementation of `StorageBasedAuthorizationProvider`
in Hive, only the directories will be checked too. 

This ticket is to add a config for users to do a coarse check for URI permission check. 

This message was sent by Atlassian Jira

View raw message