[
https://issues.apache.org/jira/browse/HAWQ-1130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15624380#comment-15624380
]
Goden Yao commented on HAWQ-1130:
---------------------------------
[~nhorn] [~jimmida] may know the history and rationale behind that.
> Make HCatalog integration work with non-superusers
> --------------------------------------------------
>
> Key: HAWQ-1130
> URL: https://issues.apache.org/jira/browse/HAWQ-1130
> Project: Apache HAWQ
> Issue Type: Improvement
> Components: PXF
> Reporter: Oleksandr Diachenko
> Assignee: Oleksandr Diachenko
> Fix For: 2.0.1.0-incubating
>
>
> According to current implementation user who uses HCatalog integration
> feature should have SELECT privileges for pg_authid, pg_user_mapping tables.
> It's fine for superusers but we shouldn't expose them to non-superusers
> because they store hashed user passwords.
> Basically, the problem is how to determine max oid among all oid-having
> tables.
> Possible solutions:
> * Creating view returning max oid and grant select privilege to public.
> ** Cons:
> *** Requires catalog upgrade;
> * Reading current oid from shared memory.
> ** Pros:
> *** No catalog upgrade needed.
> ** Cons:
> *** Additional exclusive locks needed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
