You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@sentry.apache.org by "Ruslan Dautkhanov (JIRA)" <ji...@apache.org> on 2016/04/20 00:56:25 UTC
[jira] [Created] (SENTRY-1209) Sentry does not block Hive's
cross-schema table renames
Ruslan Dautkhanov created SENTRY-1209:
-----------------------------------------
Summary: Sentry does not block Hive's cross-schema table renames
Key: SENTRY-1209
URL: https://issues.apache.org/jira/browse/SENTRY-1209
Project: Sentry
Issue Type: Bug
Components: Core, Hive Binding, Hive Plugin, Sentry
Affects Versions: 1.5.1
Environment: CDH 5.5.2
Reporter: Ruslan Dautkhanov
Priority: Critical
User Pete
has read-write access to schema A
has read-only access to schema B
User Pete nevertheless was able to rename/move Hive table
from schema A to schema B (where he has read-only access):
{quote}
use A;
alter table table_a rename to B.table_a;
{quote}
Hive allows to use rename table syntax to move tables across schemas, not just rename.
Sentry does not check security boundaries in this case.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)