sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shreepadma Venugopalan (JIRA)" <j...@apache.org>
Subject [jira] [Created] (SENTRY-135) Restrict access to policy store apis based on user/group
Date Sat, 08 Mar 2014 00:36:44 GMT
Shreepadma Venugopalan created SENTRY-135:
---------------------------------------------

             Summary: Restrict access to policy store apis based on user/group
                 Key: SENTRY-135
                 URL: https://issues.apache.org/jira/browse/SENTRY-135
             Project: Sentry
          Issue Type: Sub-task
            Reporter: Shreepadma Venugopalan


Today, we don't restrict the execution of various policy store apis such as createRole, dropRole
etc based on the use/group. Hive/Impala/Solr will connect to the service as superusers. However,
the user on whose behalf the request is performed is included in the thrift request struct.
We need to restrict the apis based on privileges of the user/group.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message