subject:"\[jira\] \[Created\] \(IMPALA\-7285\) Restructure analyzer code to perform security\/access checks before re\-analysis"

[jira] [Created] (IMPALA-7285) Restructure analyzer code to perform security/access checks before re-analysis

2018-07-11 Thread Zoram Thanga (JIRA)

Zoram Thanga created IMPALA-7285:


 Summary: Restructure analyzer code to perform security/access 
checks before re-analysis
 Key: IMPALA-7285
 URL: https://issues.apache.org/jira/browse/IMPALA-7285
 Project: IMPALA
  Issue Type: Bug
  Components: Frontend, Security
Affects Versions: Impala 2.12.0
Reporter: Zoram Thanga


This came out during the review for 
[https://gerrit.cloudera.org/#/c/10850/|https://gerrit.cloudera.org/#/c/10850/]:

{quote}
supposing the folded fn reveals something interesting, e.g., getSSN("some user 
name") ... this approach evaluates it and outputs it to the log. while I don't 
think we output this rewritten query in an error (or possibly elsewhere 
downstream), have you looked at avoiding the evaluation of fn in the first 
place if access is not permitted? the approach here seems prone to currently 
leak and can get worse depending on future changes.
{quote}

In general, it would be good to handle query analysis in the following sequence:

# Parse
# Check security/access
# Analyze
# Re-write
# Re-analyze
# etc.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

-
To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org
For additional commands, e-mail: issues-all-h...@impala.apache.org

[jira] [Created] (IMPALA-7285) Restructure analyzer code to perform security/access checks before re-analysis

2018-07-11 Thread Zoram Thanga (JIRA)

Zoram Thanga created IMPALA-7285:


 Summary: Restructure analyzer code to perform security/access 
checks before re-analysis
 Key: IMPALA-7285
 URL: https://issues.apache.org/jira/browse/IMPALA-7285
 Project: IMPALA
  Issue Type: Bug
  Components: Frontend, Security
Affects Versions: Impala 2.12.0
Reporter: Zoram Thanga


This came out during the review for 
[https://gerrit.cloudera.org/#/c/10850/|https://gerrit.cloudera.org/#/c/10850/]:

{quote}
supposing the folded fn reveals something interesting, e.g., getSSN("some user 
name") ... this approach evaluates it and outputs it to the log. while I don't 
think we output this rewritten query in an error (or possibly elsewhere 
downstream), have you looked at avoiding the evaluation of fn in the first 
place if access is not permitted? the approach here seems prone to currently 
leak and can get worse depending on future changes.
{quote}

In general, it would be good to handle query analysis in the following sequence:

# Parse
# Check security/access
# Analyze
# Re-write
# Re-analyze
# etc.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (IMPALA-7285) Restructure analyzer code to perform security/access checks before re-analysis

[jira] [Created] (IMPALA-7285) Restructure analyzer code to perform security/access checks before re-analysis

2 matches

Site Navigation

Mail list logo

Footer information