-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HIVE-27322: Iceberg: metadata location overrides can cause data breach. #4673
Conversation
// this property is set during the create operation before the hive table was created | ||
// we are returning a dummy iceberg metadata file | ||
authURI.append(encodeString(URI.create(locationProperty.get()).getPath())) | ||
.append(encodeString("/metadata/dummy.metadata.json")); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why this dummy needs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
old code, shows up in refactor, when location is provided in create table, the metadata.json file will be created in that location /metadata/some.json, we don't know the exact path, so we pass this dummy.json to check if we would be able to create a file inside /metadata directory, the name of the file is irrelevant here, as what I could decode from history
@Override | ||
public void addResourcesForCreateTable(Map<String, String> tblProps, HiveConf hiveConf) { | ||
String metadataLocation = tblProps.get(BaseMetastoreTableOperations.METADATA_LOCATION_PROP); | ||
if (StringUtils.isNotEmpty(metadataLocation)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it not be simpler if the metadataLocation is empty than throw exception?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it would be empty in general unless someone provides the the metadata location as part of the create command. like in normal create command it would be empty
create table ice (schema) stored by iceberg;
it would be empty here.
create table ice TBLPROPERTIES(metadata-location='') stored by iceberg;
we handle this case, & if it is provided we do the logic
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
may be I can change it to just null
check, if it is empty iceberg should, if it doesn't resolve to anything
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM +1
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information The version of Java (11.0.8) you have used to run this analysis is deprecated and we will stop accepting it soon. Please update to at least Java 17. |
…h. (apache#4673). (Ayush Saxena, reviewed by Denys Kuzmenko, Attila Turoczy)
What changes were proposed in this pull request?
Pass metadata location to authorizer if that is provided as part of create table
Why are the changes needed?
Better Authorizaton checks
Does this PR introduce any user-facing change?
Yes, metadata location will go through auth checks while creating table if they are specified.
Is the change a dependency upgrade?
No
How was this patch tested?
UT