You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@sentry.apache.org by "Na Li (JIRA)" <ji...@apache.org> on 2018/08/06 15:31:00 UTC
[jira] [Commented] (SENTRY-2334) Optimize Sentry privilege
comparison for requested privileges with current privileges
[ https://issues.apache.org/jira/browse/SENTRY-2334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16570364#comment-16570364 ]
Na Li commented on SENTRY-2334:
-------------------------------
[~arjunmishra13] What's your approach? Sentry supports hierarchical privilege: if user has all on DB, this user will be able to access table with all privilege. Exact match cannot support hierarchical privilege
> Optimize Sentry privilege comparison for requested privileges with current privileges
> -------------------------------------------------------------------------------------
>
> Key: SENTRY-2334
> URL: https://issues.apache.org/jira/browse/SENTRY-2334
> Project: Sentry
> Issue Type: Improvement
> Components: Sentry
> Reporter: Arjun Mishra
> Assignee: Arjun Mishra
> Priority: Major
> Fix For: 2.1.0
>
>
> Sentry privilege comparison is not optimized when there are large number of Hive Context inputs and therefore large number of requested privileges. Currently Sentry checks for each requiredInputPrivilege by comparing privileges for that input with all privileges of group/role. If number of inputs are large, and number of privileges assigned to role+group are large this request takes a long time
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)