[jira] [Commented] (HIVE-21320) get_fields() and get_tables_by_type() are not protected by HMS server access control

Na Li (JIRA) Tue, 26 Feb 2019 23:04:47 -0800


    [ 
https://issues.apache.org/jira/browse/HIVE-21320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16778977#comment-16778977
 ]


Na Li commented on HIVE-21320:
------------------------------

patch 9 is rebased on latest code at 
https://github.com/apache/hive/commit/77b9c3c79953121c19554a7de6953a6e21de9db6
The failed tests are likely caused by daijy 's commit at 
https://github.com/apache/hive/commit/3e9614eebd19f9843b28d97aaee1c3dfb815fb3d, 
which is reverted now.

> get_fields() and get_tables_by_type() are not protected by HMS server access 
> control
> ------------------------------------------------------------------------------------
>
>                 Key: HIVE-21320
>                 URL: https://issues.apache.org/jira/browse/HIVE-21320
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 4.0.0
>            Reporter: Na Li
>            Assignee: Na Li
>            Priority: Major
>         Attachments: HIVE-21320.001.patch, HIVE-21320.005.patch, 
> HIVE-21320.005.patch, HIVE-21320.006.patch, HIVE-21320.007.patch, 
> HIVE-21320.008.patch, HIVE-21320.008.patch, HIVE-21320.009.patch
>
>
> User without any privilege can call these functions and get all meta data 
> back as if user has full access privilege.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (HIVE-21320) get_fields() and get_tables_by_type() are not protected by HMS server access control

Reply via email to