[ https://issues.apache.org/jira/browse/IMPALA-6086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16495564#comment-16495564 ]
Zoram Thanga commented on IMPALA-6086: -------------------------------------- I just checked on a 2.7 cluster, and it seems like the issue of a non-privileged user being able to execute UDF existed there as well: {quote} [nightly59-4.gce.cloudera.com:21000] > show tables; Query: show tables ERROR: AuthorizationException: User 'y...@gce.cloudera.com' does not have privileges to access: default.* [nightly59-4.gce.cloudera.com:21000] > select trim(' abcd '); Query: select trim(' abcd ') Query submitted at: 2018-05-30 11:58:24 (Coordinator: https://nightly59-4.gce.cloudera.com:25000) Query progress can be monitored at: https://nightly59-4.gce.cloudera.com:25000/query_plan?query_id=58492b5157c2c36a:eeb57b5b00000000 +----------------+ | trim(' abcd ') | +----------------+ | abcd | +----------------+ Fetched 1 row(s) in 0.01s {quote} > Use of permanent function should require SELECT privilege on DB > --------------------------------------------------------------- > > Key: IMPALA-6086 > URL: https://issues.apache.org/jira/browse/IMPALA-6086 > Project: IMPALA > Issue Type: Bug > Components: Catalog, Security > Affects Versions: Impala 2.9.0, Impala 3.1.0 > Reporter: Zoram Thanga > Assignee: Zoram Thanga > Priority: Minor > > A user that has no privilege on a database should not be able to execute any > permanent functions in that database. This is currently possible, and should > be fixed, so that the user must have SELECT privilege to execute permanent > functions. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org For additional commands, e-mail: issues-all-h...@impala.apache.org