[
https://issues.apache.org/jira/browse/IMPALA-6086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16495564#comment-16495564
]
Zoram Thanga commented on IMPALA-6086:
--------------------------------------
I just checked on a 2.7 cluster, and it seems like the issue of a
non-privileged user being able to execute UDF existed there as well:
{quote}
[nightly59-4.gce.cloudera.com:21000] > show tables;
Query: show tables
ERROR: AuthorizationException: User 'y...@gce.cloudera.com' does not have
privileges to access: default.*
[nightly59-4.gce.cloudera.com:21000] > select trim(' abcd ');
Query: select trim(' abcd ')
Query submitted at: 2018-05-30 11:58:24 (Coordinator:
https://nightly59-4.gce.cloudera.com:25000)
Query progress can be monitored at:
https://nightly59-4.gce.cloudera.com:25000/query_plan?query_id=58492b5157c2c36a:eeb57b5b00000000
+----------------+
| trim(' abcd ') |
+----------------+
| abcd |
+----------------+
Fetched 1 row(s) in 0.01s
{quote}
> Use of permanent function should require SELECT privilege on DB
> ---------------------------------------------------------------
>
> Key: IMPALA-6086
> URL: https://issues.apache.org/jira/browse/IMPALA-6086
> Project: IMPALA
> Issue Type: Bug
> Components: Catalog, Security
> Affects Versions: Impala 2.9.0, Impala 3.1.0
> Reporter: Zoram Thanga
> Assignee: Zoram Thanga
> Priority: Minor
>
> A user that has no privilege on a database should not be able to execute any
> permanent functions in that database. This is currently possible, and should
> be fixed, so that the user must have SELECT privilege to execute permanent
> functions.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org
For additional commands, e-mail: issues-all-h...@impala.apache.org
