[
https://issues.apache.org/jira/browse/SENTRY-2413?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16622808#comment-16622808
]
kalyan kumar kalvagadda commented on SENTRY-2413:
-------------------------------------------------
[~spena] Can you be more clear? Does that mean privileges such as DROP, ALTER,
INDEX, LOCK will not be allowed unless they are configured in new configuration
that is being proposed?
> Provide a configuration option to permit specific DB privileges to be granted
> explicitly
> ----------------------------------------------------------------------------------------
>
> Key: SENTRY-2413
> URL: https://issues.apache.org/jira/browse/SENTRY-2413
> Project: Sentry
> Issue Type: Improvement
> Components: Sentry
> Affects Versions: 2.1.0
> Reporter: Sergio Peña
> Assignee: Sergio Peña
> Priority: Major
> Attachments: SENTRY-2413.1.patch, SENTRY-2413.2.patch
>
>
> Some DB clients would not like that privileges, such as DROP, ALTER, INDEX,
> LOCK, can be granted explicitly by Sentry admins because there are no use
> cases and some can be prone to security errors if not handled correctly.
> Being 2.x a minor version, to avoid incompatibility, then a new configuration
> should be added that explicitly defines the set of privileges that can be
> granted on Sentry.
> This is exclusively for DB policies.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
