[
https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16199462#comment-16199462
]
Ramesh Mani commented on RANGER-1823:
-------------------------------------
[~Seymour Xu],
I couldnt reproduce this issue locally. If it would have happend its a nasty
one in terms of security.
By looking into this code change, UPDATE should be access type for the
operation which really does updat e like , TRUNCATE /INSERT / DELETE not on
QUERY whose primary operation is to fetch data.
Could you please check this out and put some debug logs from the cluster when
you do this testing
> Allowed TRUNCATE and INSERT to partition table when the policy item is only
> "SELECT"
> ------------------------------------------------------------------------------------
>
> Key: RANGER-1823
> URL: https://issues.apache.org/jira/browse/RANGER-1823
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Affects Versions: 0.5.3, 0.7.1
> Reporter: Haihui Xu
> Assignee: Haihui Xu
> Fix For: 0.5.4, 1.0.0
>
> Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition
> table when the policy item is only SELECT.patch
>
>
> In beeline, useraa create table hive_test, such as : CREATE TABLE
> hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add
> a policy for userbb, the policy has only "SELECT" of table hive_test; in
> beeline userbb execute "truncate table hive_test" / "insert into hive_test
> partition(a=20171003) select 1 from hive_test" is allowed.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
