sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dapeng Sun (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SENTRY-1067) Exclude capability for privilege
Date Wed, 17 Feb 2016 01:10:18 GMT

    [ https://issues.apache.org/jira/browse/SENTRY-1067?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15149630#comment-15149630
] 

Dapeng Sun commented on SENTRY-1067:
------------------------------------

I'm not going to restrict it at column, I think table or database level privilege also should
work, do you have any thought?

> Exclude capability for privilege
> --------------------------------
>
>                 Key: SENTRY-1067
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1067
>             Project: Sentry
>          Issue Type: New Feature
>            Reporter: Dapeng Sun
>            Assignee: Dapeng Sun
>
> Currently Sentry can only grant privileges to object, in some cases, only some sensitive
data need to be protected. Adding exclude capability can simplify the management of access
control.
> For example, the table "employee" have many columns, the column likes "username", "contact"
and other information can be queried by others,but the column "salary" can only be queried
by specific user.
> With exclude capability, we can grant privilege of table "employee" to user and block
the column "salary".



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message