[ https://issues.apache.org/jira/browse/IMPALA-7217?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Work on IMPALA-7217 stopped by Fredy Wijaya.
--------------------------------------------
> UPDATE/DELETE statement with SELECT privilege can reveal the existence of a table
> ---------------------------------------------------------------------------------
>
>                 Key: IMPALA-7217
>                 URL: https://issues.apache.org/jira/browse/IMPALA-7217
>             Project: IMPALA
>          Issue Type: Bug
>          Components: Frontend
>    Affects Versions: Impala 3.0, Impala 2.12.0
>            Reporter: Fredy Wijaya
>            Assignee: Fredy Wijaya
>            Priority: Minor
>              Labels: security
>
> For UPDATE/DELETE statements, ALL privilege on SERVER is required. However, 
> having a SELECT privilege when executing UPDATE can reveal the existence of a 
> table, i.e. an AnalysisException is thrown instead of an AuthorizationException.
> {noformat}
> [localhost:21000] default> grant select on server to role foo_role;
> +---------------------------------+
> | summary                         |
> +---------------------------------+
> | Privilege(s) have been granted. |
> +---------------------------------+
> Fetched 1 row(s) in 0.02s
> [localhost:21000] default> update doesntexist set a = 1;
> ERROR: AnalysisException: Could not resolve table reference: 'doesntexist'
> [localhost:21000] default> delete from doesntexist;
> ERROR: AnalysisException: Could not resolve table reference: 'doesntexist'
> {noformat}
> Let's contrast this with UPSERT.
> {noformat}
> [localhost:21000] default> upsert into table doesntexist(id, name) values(1, 'a');
> ERROR: AuthorizationException: User 'impdev' does not have privileges to access: default.doesntexist
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
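
The existence oracle described in the issue, as an added example that is not part of the original message and is not Impala's code: a toy analyzer in which the error class an under-privileged user sees depends on whether the table exists, beside an ordering that checks the required privilege first. The catalog, the grants, the function names and the check order inside analyze_leaky are assumptions; only the two exception names, the messages and the ALL-on-SERVER requirement come from the report.

```python
# Toy model, not Impala's frontend. All names below are hypothetical.
class AnalysisException(Exception):
    pass

class AuthorizationException(Exception):
    pass

CATALOG = {"default.orders"}                      # constructed: existing tables
GRANTS = {"impdev": {"SELECT"}, "admin": {"ALL"}}  # constructed: server-level grants

def _authorize(user, table, needed):
    held = GRANTS.get(user, set())
    if needed not in held and "ALL" not in held:
        raise AuthorizationException(
            f"User '{user}' does not have privileges to access: {table}")

def _resolve(table):
    if table not in CATALOG:
        raise AnalysisException(
            f"Could not resolve table reference: '{table}'")

def analyze_leaky(user, table):
    """Assumed order that reproduces the report: a SELECT holder reaches
    table resolution before the ALL check for UPDATE/DELETE runs."""
    _authorize(user, table, "SELECT")
    _resolve(table)                  # absent table -> AnalysisException
    _authorize(user, table, "ALL")   # present table -> AuthorizationException

def analyze_uniform(user, table):
    """Check the privilege the statement needs before consulting the catalog,
    so the catalog lookup cannot influence what an unauthorized user sees."""
    _authorize(user, table, "ALL")
    _resolve(table)

def outcome(analyze, user, table):
    """Return the exception class name the client would see, or 'OK'."""
    try:
        analyze(user, table)
        return "OK"
    except (AnalysisException, AuthorizationException) as exc:
        return type(exc).__name__

def leaks_existence(analyze, user):
    """True if the error differs between a present and an absent table."""
    present = outcome(analyze, user, "default.orders")
    absent = outcome(analyze, user, "default.doesntexist")
    return present != absent

if __name__ == "__main__":
    for fn in (analyze_leaky, analyze_uniform):
        print(fn.__name__, "leaks:", leaks_existence(fn, "impdev"))
```

The leaks_existence check doubles as a regression test shape: for every statement type, an unauthorized user should get the same error class for a present and an absent table.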