[
https://issues.apache.org/jira/browse/SENTRY-743?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14563765#comment-14563765
]
Sravya Tirukkovalur commented on SENTRY-743:
--------------------------------------------
With table t1(a int, b char(10)), and user restricted select to column b.
Here is the behavior in mysql:
mysql> select * from t1;
ERROR 1142 (42000): SELECT command denied to user 'sentry'@'localhost' for
table 't1'
mysql> select b from t1;
ERROR 1143 (42000): SELECT command denied to user 'sentry'@'localhost' for
column 'b' in table 't1'
mysql> select c from t1;
ERROR 1054 (42S22): Unknown column 'c' in 'field list'
> [Column level privileges] Column existence should be hidden for users with no
> privileges on that column
> -------------------------------------------------------------------------------------------------------
>
> Key: SENTRY-743
> URL: https://issues.apache.org/jira/browse/SENTRY-743
> Project: Sentry
> Issue Type: Bug
> Affects Versions: 1.5.0
> Reporter: Sravya Tirukkovalur
> Assignee: Sravya Tirukkovalur
> Fix For: 1.6.0
>
>
> Column existence should be hidden for users with no privileges on that
> column. For example:
> - Select * should return columns for which users have privilege
> - select c1 when user does not have permission on that column should fail
> with column not found exception rather than permission denied error.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
