[
https://issues.apache.org/jira/browse/HIVE-9473?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14297863#comment-14297863
]
Thejas M Nair commented on HIVE-9473:
-------------------------------------
[~vikram.dixit] I would like to get this along with HIVE-8893 in to 1.0.0 as
well. This is a security fix.
> sql std auth should disallow built-in udfs that allow any java methods to be
> called
> -----------------------------------------------------------------------------------
>
> Key: HIVE-9473
> URL: https://issues.apache.org/jira/browse/HIVE-9473
> Project: Hive
> Issue Type: Bug
> Components: Authorization, SQLStandardAuthorization
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
> Attachments: HIVE-9473.1.patch
>
>
> As mentioned in HIVE-8893, some udfs can be used to execute arbitrary java
> methods. This should be disallowed when sql standard authorization is used.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
