Sravya Tirukkovalur created SENTRY-268:
------------------------------------------
Summary: Allow only granted roles to be set in "SET ROLE
<roleName>"
Key: SENTRY-268
URL: https://issues.apache.org/jira/browse/SENTRY-268
Project: Sentry
Issue Type: Bug
Affects Versions: 1.4.0
Reporter: Sravya Tirukkovalur
Fix For: 1.4.0
This is related to https://issues.apache.org/jira/browse/SENTRY-240. Currently
we allow any role to be set, but when authorizing we make an intersection of
current active roles and granted privileges. Instead it would be better to
restrict setting roles which a user is not granted.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
