Sergio Peña created SENTRY-2308:
-----------------------------------
Summary: Create privilege on table has no use case
Key: SENTRY-2308
URL: https://issues.apache.org/jira/browse/SENTRY-2308
Project: Sentry
Issue Type: Bug
Components: Sentry
Affects Versions: 2.1.0
Reporter: Sergio Peña
Currently it is possible to grant CREATE on a table. However, there do not seem
to be any SQL operations that require this privilege.
For example, ALTER TABLE ADD PARTITION, requires ALTER and not CREATE.
Here is another example that requires INSERT on the target table, not CREATE
(or ALTER):
{noformat}
set hive.exec.dynamic.partition.mode=nonstrict;INSERT OVERWRITE TABLE
config1_test_database1.aliens PARTITION (home_planet, diet) SELECT name,
home_planet, diet FROM config1_test_database1.movie_stars WHERE home_planet IS
NOT NULL AND diet IS NOT NULL;
{noformat}
If there is no use case for granting CREATE on a table, we should considering
not allowing this operation.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
