Ryan P created SENTRY-810:
-----------------------------
Summary: CTAS vulnerability
Key: SENTRY-810
URL: https://issues.apache.org/jira/browse/SENTRY-810
Project: Sentry
Issue Type: Bug
Components: Hive Plugin
Reporter: Ryan P
HIVE-11319 puts us in an awkward situation where you can leverage your current
permissions to overwrite existing directories. I recommend we edit the CTAS
permissions map to reflect that of a true insert overwrite directory. This will
be annoying for users trying to do legit CTAS operations within the warehouse
but as it stands it leave a gaping hole in the security model
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
