[
https://issues.apache.org/jira/browse/RANGER-620?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14704555#comment-14704555
]
Loïc C. Chanel commented on RANGER-620:
---------------------------------------
[~bosco] : isthis issue fixed with Ranger 0.5 ? I did not make my upgrade yet,
can't find enough time.
> Ability to use database when connecting to it via HiveServer2 without policy
> authorizing it
> -------------------------------------------------------------------------------------------
>
> Key: RANGER-620
> URL: https://issues.apache.org/jira/browse/RANGER-620
> Project: Ranger
> Issue Type: Bug
> Components: admin
> Affects Versions: 0.4.0
> Environment: HiveServer2 on Ambari with Ranger plugin enabled
> Reporter: Loïc C. Chanel
> Priority: Critical
> Labels: hiveserver, security
>
> When doing with beeline
> !connect jdbc:hive2://192.168.6.210:10000/db1;principal=hive/hivehost@REALM
> org.apache.hive.jdbc.HiveDriver
> I can connect to db1, and even make a show tables without having any
> authorizing policy for these actions.
> And I am sure I have no right to connect and see these tables, because when
> doing
> !connect jdbc:hive2://192.168.6.210:10000/;principal=hive/hivehost@REALM
> org.apache.hive.jdbc.HiveDriver
> I can't make a use db1 without the error :
> Error: Error while compiling statement: FAILED: HiveAccessControlException
> Permission denied: user [testuser] does not have [USE] privilege on [db1]
> (state=42000,code=40000)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
