Closed ebyhr closed 4 years ago
As a Hive connector design rule of thumb, we should check what Hive is doing (how configurable and what's the default). I vaguely remember the answer may depend on Hive version (I expect Hive 3 to use more strict permissions) and is very likely configurable via some umask config.
Covered by https://github.com/prestosql/presto/pull/3126. Please reopen if still relevant.
Currently, the directory permission created by Hive connector's CREATE TABLE is world-writable. This is explicitly set after this commit https://github.com/prestosql/presto/commit/0a446bb6f2c64f02282fc9048aa35a382a5c3087.
We already have
hive.hdfs.impersonation.enabled
property, so I assume we can replace the permission with more strict one.hdp3.1-hive:24: rwxr-xr-x