You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@sentry.apache.org by "Sergio Peña (JIRA)" <ji...@apache.org> on 2018/08/15 19:28:00 UTC

[jira] [Updated] (SENTRY-2308) Create privilege on table has no use case

     [ https://issues.apache.org/jira/browse/SENTRY-2308?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sergio Peña updated SENTRY-2308:
--------------------------------
    Attachment: SENTRY-2308.4.patch

> Create privilege on table has no use case
> -----------------------------------------
>
>                 Key: SENTRY-2308
>                 URL: https://issues.apache.org/jira/browse/SENTRY-2308
>             Project: Sentry
>          Issue Type: Bug
>          Components: Sentry
>    Affects Versions: 2.1.0
>            Reporter: Sergio Peña
>            Assignee: Sergio Peña
>            Priority: Major
>         Attachments: SENTRY-2308.1.patch, SENTRY-2308.2.patch, SENTRY-2308.3.patch, SENTRY-2308.4.patch
>
>
> Currently it is possible to grant CREATE on a table. However, there do not seem to be any SQL operations that require this privilege. 
> For example, ALTER TABLE ADD PARTITION, requires ALTER and not CREATE. 
> Here is another example that requires INSERT on the target table, not CREATE (or ALTER):
> {noformat}
> set hive.exec.dynamic.partition.mode=nonstrict;INSERT OVERWRITE TABLE config1_test_database1.aliens PARTITION (home_planet, diet) SELECT name, home_planet, diet FROM config1_test_database1.movie_stars WHERE home_planet IS NOT NULL AND diet IS NOT NULL;
> {noformat}
> If there is no use case for granting CREATE on a table, we should considering not allowing this operation. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)