[ 
https://issues.apache.org/jira/browse/RANGER-2045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16429575#comment-16429575
 ] 

Abhay Kulkarni commented on RANGER-2045:
----------------------------------------

Additional commits:

ranger-1.0:

https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=889999a1ffbc230fa9204d2e8a0464bfcf024180

master:

https://git-wip-us.apache.org/repos/asf?p=ranger.git;a=commit;h=fe854a061e0948f27437fb5d9e6f24f0cac0f372

> Hive table columns with no explicit allow policy are listed with 'desc table' 
> command
> -------------------------------------------------------------------------------------
>
>                 Key: RANGER-2045
>                 URL: https://issues.apache.org/jira/browse/RANGER-2045
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: 1.0.0, master
>            Reporter: Anuja Leekha
>            Assignee: Abhay Kulkarni
>            Priority: Major
>             Fix For: 1.0.0, master
>
>
> *Test scenario*
> 'xasecure.hive.describetable.showcolumns.authorization.option' set to 'none'
> Database 'testdb' has a table 'testtable1' with 3 columns 'name', 'age', 
> 'city'.
> Hive Policy exists giving user 'hrt_1' 'select' privilege on DB='testdb', 
> table='testtable1' and columns='name', 'age' [user does not have permissions 
> on 'city' column].
> "DESCRIBE testdb.testtable1" and "show columns in testdb.testtable1" commands 
> show results with 'city' column included.
> When 'xasecure.hive.describetable.showcolumns.authorization.option' is set to 
> 'none', Hive would follow default behavior and should deny DESCRIBE table and 
> show column commands as the policy does not grant the test user access to all 
> columns of the table. But the commands go through fine.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to