Why do we need EXEC permissions in PhoenixAccessController#preGetTable? Aren't READ permissions sufficient here? Now every time that a client calls MetaDataEndPointImpl#getTable, they will need EXEC permissions on the table, though they may just want to read from or upsert to the table, rather than execute any co-processors on the table. This was introduced as part of changes for PHOENIX-4661 <https://issues.apache.org/jira/browse/PHOENIX-4661>, where we removed ADMIN permission requirements and added these instead. I ran into this at $dayjob wherein we had to grant EXEC permissions to a user just so they could query a table. This doesn't seem right, since granting EXEC permissions to them could potentially allow them to invoke any co-processors loaded on that table.
Any ideas about the reasoning behind this? Or is this a potential bug? -- Chinmay Kulkarni
