You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sentry.apache.org by "Anne Yu (JIRA)" <ji...@apache.org> on 2015/09/22 23:18:05 UTC

[jira] [Created] (SENTRY-897) [column level privilege] select any_column from table, error message exposes all columns' name.

Anne Yu created SENTRY-897:
------------------------------

             Summary: [column level privilege] select any_column from table, error message exposes all columns' name.
                 Key: SENTRY-897
                 URL: https://issues.apache.org/jira/browse/SENTRY-897
             Project: Sentry
          Issue Type: Bug
          Components: Sentry
    Affects Versions: 1.5.1
            Reporter: Anne Yu


This seems a minor issue to me, in the error message, it exposes un-authorized columns' name.
{code}
0: jdbc:hive2://anneyu-sentry-1.vpc.cloudera.> select s from test_tb;
Error: Error while compiling statement: FAILED: SemanticException [Error 10004]: Line 1:7 Invalid table alias or column reference 's': (possible column names are: userid, name) (state=42000,code=10004)
{code}

CC [~guoquan], [~sravya], [~lskuff]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)