You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by "Lenni Kuff (JIRA)" <ji...@apache.org> on 2014/11/27 03:22:13 UTC
[jira] [Created] (SENTRY-552) Downgrading privileges does not
always work for column-level privileges
Lenni Kuff created SENTRY-552:
---------------------------------
Summary: Downgrading privileges does not always work for column-level privileges
Key: SENTRY-552
URL: https://issues.apache.org/jira/browse/SENTRY-552
Project: Sentry
Issue Type: Bug
Affects Versions: 1.5.0
Reporter: Lenni Kuff
Fix For: 1.5.0
The following doesn't work properly:
grant all on col1
grant all on col2
revoke select on col2
-- at this point, will have ALL on col1, INSERT on col2
revoke INSERT from table <--- Does not do the proper thing.
The expectation is that revoking INSERT from the table would remove INSERT privilege on col2 and also downgrade the ALL privilege on col1 to SELECT. Instead the privilege on col1 stays in-tact.
Note that this was exposed as part of the fix for SENTRY-543. Prior to that the REVOKE would incorrectly remove both privileges.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)