An Unathorized User in Hive, Overwrites a Directory it Does not Have Write Access to Causing All Original Content to be Lost (Doc ID 2085717.1)

Last updated on DECEMBER 08, 2015

Applies to:

Big Data Appliance Integrated Software - Version 4.2.0 and later
Linux x86-64

Symptoms

On Oracle Big Data Appliance (BDA) 4.2.0, an unauthorized user overwrote a directory with Hive that they did not have write access to.

The parent directory and all sub directories were hive:hive with chmod permissions of 750.

User was ACL in for group r-x.

When the user ran the Hive query with the "Location" of the parent directory, the entire sub directory and all contents were overwritten with the Hive query output. All data was lost.

How to avoid this from occurring again?

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms