> On June 12, 2018, 4:27 p.m., kalyan kumar kalvagadda wrote:
> > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
> > Line 110 (original), 110-111 (patched)
> > <https://reviews.apache.org/r/67539/diff/1/?file=2039246#file2039246line110>
> >
> >     Can you explain why this change is needed?
> >
> >     Is having drop on the old database and create on the new database good enough?
>
> Na Li wrote:
>     The problem we had was that the user does not have the privilege to select the data,
>     but can do so with "alter table rename", as mentioned in the JIRA description.
>
>     The change requires more privileges from the user who executes this command,
>     to mimic the minimum privilege for someone to export the data, drop the table
>     in the original DB, and create the table and add data to the new table in the
>     destination DB. After introducing FGP, a user with only DROP on a database db1
>     and at least CREATE on db2 can run
>     ==============================
>     ALTER TABLE RENAME db1.table1 db2.table2
>     and thus elevate their privileges. That is why DROP on the old DB and CREATE on
>     the new DB is not enough.
>
>     To reproduce:
>
>     As admin (e.g. hive):
>     1. Create db1, db1.table1, db2, role r1.
>     2. Grant DROP on db1 to role r1.
>     3. Grant ALL on db2 to role r1.
>     4. Grant role r1 to user testuser1.
>     As testuser1:
>     1. use db1; alter table db1.table1 rename to db2.table1
>     2. select * from db2.table1
>     Result: the select command succeeds.
To avoid a user elevating table privilege via the destination DB, we should require the user to have ALL privilege on the source table. That is why we have this fix.

- Na


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/67539/#review204605
-----------------------------------------------------------


On June 26, 2018, 4:22 a.m., Na Li wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/67539/
> -----------------------------------------------------------
>
> (Updated June 26, 2018, 4:22 a.m.)
>
>
> Review request for sentry, kalyan kumar kalvagadda and Sergio Pena.
>
>
> Bugs: sentry-2264
>     https://issues.apache.org/jira/browse/sentry-2264
>
>
> Repository: sentry
>
>
> Description
> -------
>
> change privilege for table rename
>
>
> Diffs
> -----
>
>   sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java 4f932ea
>   sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestOperationsPart1.java 1e72990
>   sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestOperationsPart2.java cf89b5d
>
>
> Diff: https://reviews.apache.org/r/67539/diff/3/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Na Li
>
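As an added illustration for the discussion above (not code from the Sentry project or from this review), a small Python model of the two rules for ALTER TABLE RENAME: the pre-fix rule (DROP on the source, satisfied by a database-level grant, plus CREATE on the destination database) and the SENTRY-2264 rule (ALL on the source table). The grant set mirrors the reproduction steps for testuser1; the inheritance rule (a database grant covers its tables, ALL covers every action) and all names are assumptions of the model.

```python
# Simplified model of the privilege check for
#   ALTER TABLE db1.table1 RENAME TO db2.table1
# as described in this review thread. This is NOT Sentry's
# HiveAuthzPrivilegesMap; the inheritance rule (a database grant
# covers its tables, ALL covers every action) is an assumption.
from typing import List, Set, Tuple

Grant = Tuple[str, str]  # (scope, action); scope is "db" or "db.table"


def has_privilege(grants: Set[Grant], obj: str, action: str) -> bool:
    """True if a grant on obj, or on its parent database, covers action."""
    parent_db = obj.split(".")[0]
    return any(
        scope in (obj, parent_db) and granted in ("ALL", action)
        for scope, granted in grants
    )


def required_for_rename(src_table: str, dst_table: str, fixed: bool) -> List[Grant]:
    """Privileges demanded for the rename; fixed=True is the SENTRY-2264 rule."""
    dst_db = dst_table.split(".")[0]
    if fixed:
        return [(src_table, "ALL"), (dst_db, "CREATE")]
    # Pre-fix: DROP on the source (a DROP grant on its database suffices)
    # plus CREATE on the destination database.
    return [(src_table, "DROP"), (dst_db, "CREATE")]


def authorize_rename(grants: Set[Grant], src_table: str, dst_table: str, fixed: bool) -> bool:
    return all(has_privilege(grants, obj, act)
               for obj, act in required_for_rename(src_table, dst_table, fixed))


def escalates_select(grants: Set[Grant], src_table: str, dst_table: str, fixed: bool) -> bool:
    """Audit check: can a user who cannot SELECT the source table rename it
    into a database where they can, and so read the same data?"""
    if has_privilege(grants, src_table, "SELECT"):
        return False  # nothing to gain from the rename
    if not authorize_rename(grants, src_table, dst_table, fixed):
        return False  # the rename itself is denied
    return has_privilege(grants, dst_table, "SELECT")


# Constructed grants matching the reproduction: role r1 (held by testuser1)
# has DROP on db1 and ALL on db2.
TESTUSER1_GRANTS: Set[Grant] = {("db1", "DROP"), ("db2", "ALL")}

if __name__ == "__main__":
    for fixed in (False, True):
        print("fixed" if fixed else "pre-fix", "rule, escalation possible:",
              escalates_select(TESTUSER1_GRANTS, "db1.table1", "db2.table1", fixed))
```

Run as a script it reports that the pre-fix rule permits the escalation and the fixed rule does not, while a user holding ALL on db1.table1 and CREATE on db2 is still allowed to rename.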