[ https://issues.apache.org/jira/browse/SPARK-37266?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
jiaan.geng updated SPARK-37266: ------------------------------- Description: The current implementation of persistent view is create hive table with view text. The view text is just a query string, so the hackers may tamper with it through various means. Such as: {code:java} select * from tab1 {code} tampered with {code:java} drop table tab1 {code} was: The current implementation of persist view is create hive table with view text. The view text is just a query string, so the hackers may tamper with it through various means. Such as: {code:java} select * from tab1 {code} tampered with {code:java} drop table tab1 {code} > Optimize the analysis for view text of persistent view and fix security > vulnerabilities caused by sql tampering > ---------------------------------------------------------------------------------------------------------------- > > Key: SPARK-37266 > URL: https://issues.apache.org/jira/browse/SPARK-37266 > Project: Spark > Issue Type: Improvement > Components: SQL > Affects Versions: 3.3.0 > Reporter: jiaan.geng > Priority: Major > > The current implementation of persistent view is create hive table with view > text. > The view text is just a query string, so the hackers may tamper with it > through various means. > Such as: > {code:java} > select * from tab1 > {code} > tampered with > > {code:java} > drop table tab1 > {code} -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org