[
https://issues.apache.org/jira/browse/SENTRY-1067?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16339662#comment-16339662
]
Alexander Kolbasov commented on SENTRY-1067:
--------------------------------------------
[~dapengsun] Are you still working on this? It is marked as "in-progress"
> Exclude capability for privilege("DENY" privilege support)
> ----------------------------------------------------------
>
> Key: SENTRY-1067
> URL: https://issues.apache.org/jira/browse/SENTRY-1067
> Project: Sentry
> Issue Type: New Feature
> Reporter: Dapeng Sun
> Assignee: Dapeng Sun
> Priority: Major
> Labels: roadmap
> Attachments: Design Document of Sentry Exclude capability for
> privilege-20160302.pdf
>
>
> Currently Sentry can only grant privileges to object, in some cases, only
> some sensitive data need to be protected. Adding exclude capability can
> simplify the management of access control.
> For example, the table "employee" have many columns, the column likes
> "username", "contact" and other information can be queried by others,but the
> column "salary" can only be queried by specific user.
> With exclude capability, we can grant privilege of table "employee" to user
> and block the column "salary".
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
