Vuk Ercegovac has posted comments on this change. ( http://gerrit.cloudera.org:8080/10850 )
Change subject: IMPALA-6086: Use of permanent function should require SELECT privilege on DB ...................................................................... Patch Set 3: (1 comment) http://gerrit.cloudera.org:8080/#/c/10850/3/fe/src/main/java/org/apache/impala/analysis/AnalysisContext.java File fe/src/main/java/org/apache/impala/analysis/AnalysisContext.java: http://gerrit.cloudera.org:8080/#/c/10850/3/fe/src/main/java/org/apache/impala/analysis/AnalysisContext.java@481 PS3, Line 481: LOG.trace("rewrittenStmt: " + analysisResult_.stmt_.toSql()); supposing the folded fn reveals something interesting, e.g., getSSN("some user name") ... this approach evaluates it and outputs it to the log. while I don't think we output this rewritten query in an error (or possibly elsewhere downstream), have you looked at avoiding the evaluation of fn in the first place if access is not permitted? the approach here seems prone to currently leak and can get worse depending on future changes. -- To view, visit http://gerrit.cloudera.org:8080/10850 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Iee70f15e4c04f7daaed9cac2400ec626e1fb0e57 Gerrit-Change-Number: 10850 Gerrit-PatchSet: 3 Gerrit-Owner: Zoram Thanga <[email protected]> Gerrit-Reviewer: Fredy Wijaya <[email protected]> Gerrit-Reviewer: Vuk Ercegovac <[email protected]> Gerrit-Reviewer: Zoram Thanga <[email protected]> Gerrit-Comment-Date: Wed, 11 Jul 2018 21:55:04 +0000 Gerrit-HasComments: Yes
