[
https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15316608#comment-15316608
]
Hadoop QA commented on SENTRY-1209:
-----------------------------------
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12808385/SENTRY-1209.004.patch
against master.
{color:green}Overall:{color} +1 all checks pass
{color:green}SUCCESS:{color} all tests passed
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/1675/console
This message is automatically generated.
> Sentry does not block Hive's cross-schema table renames
> -------------------------------------------------------
>
> Key: SENTRY-1209
> URL: https://issues.apache.org/jira/browse/SENTRY-1209
> Project: Sentry
> Issue Type: Bug
> Components: Core, Hive Binding, Hive Plugin, Sentry
> Affects Versions: 1.5.1
> Environment: CDH 5.5.2
> Reporter: Ruslan Dautkhanov
> Assignee: Colin Ma
> Priority: Critical
> Labels: security
> Attachments: SENTRY-1209.001.patch, SENTRY-1209.002.patch,
> SENTRY-1209.003.patch, SENTRY-1209.004.patch
>
>
> User Pete
> has read-write access to schema A
> has read-only access to schema B
> User Pete nevertheless was able to rename/move Hive table
> from schema A to schema B (where he has read-only access):
> {quote}
> use A;
> alter table table_a rename to B.table_a;
> {quote}
> Hive allows to use rename table syntax to move tables across schemas, not
> just rename.
> Sentry does not check security boundaries in this case.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
