[jira] [Commented] (HIVE-21320) get_fields() and get_tables_by_type() are not protected by HMS server access control

Na Li (JIRA) Wed, 27 Feb 2019 05:13:25 -0800


    [ 
https://issues.apache.org/jira/browse/HIVE-21320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16779290#comment-16779290
 ]


Na Li commented on HIVE-21320:
------------------------------

I cannot reproduce the test failure with patch 9.
Patch 10 is rebased on 
https://github.com/apache/hive/commit/66533e2c4ed3f00f4795c1ffa9bed4c1a7aa6bf6


> get_fields() and get_tables_by_type() are not protected by HMS server access 
> control
> ------------------------------------------------------------------------------------
>
>                 Key: HIVE-21320
>                 URL: https://issues.apache.org/jira/browse/HIVE-21320
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 4.0.0
>            Reporter: Na Li
>            Assignee: Na Li
>            Priority: Major
>         Attachments: HIVE-21320.001.patch, HIVE-21320.005.patch, 
> HIVE-21320.005.patch, HIVE-21320.006.patch, HIVE-21320.007.patch, 
> HIVE-21320.008.patch, HIVE-21320.008.patch, HIVE-21320.009.patch, 
> HIVE-21320.010.patch
>
>
> User without any privilege can call these functions and get all meta data 
> back as if user has full access privilege.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (HIVE-21320) get_fields() and get_tables_by_type() are not protected by HMS server access control

Reply via email to