hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Vary (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-21320) get_fields() and get_tables_by_type() are not protected by HMS server access control
Date Tue, 26 Feb 2019 13:34:00 GMT

    [ https://issues.apache.org/jira/browse/HIVE-21320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16777912#comment-16777912
] 

Peter Vary commented on HIVE-21320:
-----------------------------------

+1 for patch 06, pending tests - please check the checkstyle errors too..

Thanks,

Peter

> get_fields() and get_tables_by_type() are not protected by HMS server access control
> ------------------------------------------------------------------------------------
>
>                 Key: HIVE-21320
>                 URL: https://issues.apache.org/jira/browse/HIVE-21320
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 4.0.0
>            Reporter: Na Li
>            Assignee: Na Li
>            Priority: Major
>         Attachments: HIVE-21320.001.patch, HIVE-21320.005.patch, HIVE-21320.005.patch,
HIVE-21320.006.patch
>
>
> User without any privilege can call these functions and get all meta data back as if
user has full access privilege.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message