yaooqinn commented on issue #4341:
URL: https://github.com/apache/kyuubi/issues/4341#issuecomment-1461166559
You have a mask rule on the column - name -, which will be masked during
scan operation, so the operations that follow will only get the masked data.
I know it's a bit counterintuitive. But it is correct. Supposing we don't
mask ahead and change your test case to `select id ,name from
iceberg_spark.test_copy a where a.name ='Jackhjf'`. Users get the result
`md5('Jackhjf')`, but everyone knows the datasource contains records for
`Jackhjf`. In such a case, the data is not secured, right?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
