[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15380219#comment-15380219 ]

Sravya Tirukkovalur commented on SENTRY-1209:
---------------------------------------------

[~Tagar], This would be in the next release 1.8.0. Thanks!

> Sentry does not block Hive's cross-schema table renames
> -------------------------------------------------------
>
>                 Key: SENTRY-1209
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1209
>             Project: Sentry
>          Issue Type: Bug
>          Components: Core, Hive Binding, Hive Plugin, Sentry
>    Affects Versions: 1.5.1
>         Environment: CDH 5.5.2
>            Reporter: Ruslan Dautkhanov
>            Assignee: Colin Ma
>            Priority: Critical
>              Labels: security
>             Fix For: 1.8.0
>
>         Attachments: SENTRY-1209.001.patch, SENTRY-1209.002.patch,
> SENTRY-1209.003.patch, SENTRY-1209.004.patch, SENTRY-1209.005.patch,
> SENTRY-1209.006.patch
>
>
> User Pete
> has read-write access to schema A
> has read-only access to schema B
> User Pete nevertheless was able to rename/move Hive table
> from schema A to schema B (where he has read-only access):
> {quote}
> use A;
> alter table table_a rename to B.table_a;
> {quote}
> Hive allows to use rename table syntax to move tables across schemas, not
> just rename.
> Sentry does not check security boundaries in this case.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15379860#comment-15379860 ]

Ruslan Dautkhanov commented on SENTRY-1209:
-------------------------------------------

Thank you. Which Sentry release will this patch be included in?
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15378711#comment-15378711 ]

Colin Ma commented on SENTRY-1209:
----------------------------------

Yes, the test case is in TestDbPrivilegeCleanupOnDrop.testDropAndRenameWithMultiAction().
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15378705#comment-15378705 ]

Sravya Tirukkovalur commented on SENTRY-1209:
---------------------------------------------

+1. Do we have coverage for rename db1.tb1 to db1.tb2?
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15378704#comment-15378704 ]

Colin Ma commented on SENTRY-1209:
----------------------------------

[~sravya], update the RB. Thanks for review.
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15345569#comment-15345569 ]

Colin Ma commented on SENTRY-1209:
----------------------------------

[~sravya], thanks for your comments, I agree that the minimum action should be added to auth model for rename operation. Will update the auth model with drop and create.
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15341556#comment-15341556 ]

Sravya Tirukkovalur commented on SENTRY-1209:
---------------------------------------------

Reposting my comment from RB

Thanks for the change! The more I think about it, I feel we should be double careful when making auth model change. I am trying to think what the user behavior change would be for:

Alter table rename db1.tb1 to db1.tb2: We are essentially dropping db1.tb1 and creating db1.tb2. So at minimum create and drop on db1 are required. Would requiring all cause any inflexibility?

Alter table rename db1.tb1 to db2.tb2: At a minimum, user needs drop on db1 and create on db2. Would requiring all cause any inflexibility?

And also what should our upgrade recommendation be?
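
The minimum-privilege rule discussed in the comment above (drop on the source database, create on the target database), as an added example that is not Sentry's code and not part of the thread. It is a simplified Python model: the function names, the grant dictionaries, and the mapping of "read-write" to `all` and "read-only" to `select` are assumptions made for illustration.

```python
import re

# Simplified model of the rename rule from the thread; not Sentry's implementation.
# Only plain (unquoted) identifiers of the form tbl or db.tbl are handled.
RENAME_RE = re.compile(
    r"^\s*alter\s+table\s+(?P<src>[\w.]+)\s+rename\s+to\s+(?P<dst>[\w.]+)\s*;?\s*$",
    re.IGNORECASE,
)


def qualify(name, current_db):
    """Resolve 'tbl' or 'db.tbl' to (db, tbl); unqualified names use the current database."""
    parts = name.lower().split(".")
    if len(parts) == 1:
        return current_db.lower(), parts[0]
    if len(parts) == 2 and all(parts):
        return parts[0], parts[1]
    raise ValueError(f"unsupported table name: {name!r}")


def required_for_rename(statement, current_db):
    """Return the (database, action) pairs a rename needs under the drop+create rule."""
    m = RENAME_RE.match(statement)
    if not m:
        raise ValueError("not an ALTER TABLE ... RENAME TO statement")
    src_db, _ = qualify(m["src"], current_db)
    dst_db, _ = qualify(m["dst"], current_db)
    # A rename drops the old name and creates the new one, possibly in another database.
    return [(src_db, "drop"), (dst_db, "create")]


def missing_privileges(grants, statement, current_db):
    """List the required (database, action) pairs the grants do not cover; empty means allowed."""
    missing = []
    for db, action in required_for_rename(statement, current_db):
        held = grants.get(db, set())
        if action not in held and "all" not in held:
            missing.append((db, action))
    return missing


# Constructed grants. PETE mirrors the report: read-write on A, read-only on B.
PETE = {"a": {"all"}, "b": {"select"}}
# MOVER holds exactly the minimum for a move from A to B and nothing else.
MOVER = {"a": {"drop"}, "b": {"create"}}

if __name__ == "__main__":
    cases = [
        ("PETE", PETE, "alter table table_a rename to B.table_a;", "A"),
        ("PETE", PETE, "alter table table_a rename to table_a2;", "A"),
        ("MOVER", MOVER, "alter table a.t1 rename to b.t1;", "default"),
        ("MOVER", MOVER, "alter table t1 rename to t2;", "a"),
    ]
    for who, grants, stmt, db in cases:
        gaps = missing_privileges(grants, stmt, db)
        print(who, "|", stmt, "|", "ALLOW" if not gaps else f"DENY, missing {gaps}")
```

The target database is resolved from the statement rather than from the session's current database, which is what makes the `use A;` plus `B.table_a` case from the report fail on the missing create privilege in B.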
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15340794#comment-15340794 ]

Colin Ma commented on SENTRY-1209:
----------------------------------

[~sravya], any comment for the latest patch?
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15317772#comment-15317772 ]

Hadoop QA commented on SENTRY-1209:
-----------------------------------

Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12808536/SENTRY-1209.005.patch against master.

Overall: +1 all checks pass

SUCCESS: all tests passed

Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/1681/console

This message is automatically generated.
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15316321#comment-15316321 ]

Hadoop QA commented on SENTRY-1209:
-----------------------------------

Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12808244/SENTRY-1209.003.patch against master.

Overall: -1 due to 4 errors

ERROR: mvn test exited 1
ERROR: Failed: org.apache.sentry.tests.e2e.hive.TestOperationsPart1
ERROR: Failed: org.apache.sentry.tests.e2e.dbprovider.TestDbOperationsPart1
ERROR: Failed: org.apache.sentry.tests.e2e.dbprovider.TestDbOperationsPart1

Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/1674/console

This message is automatically generated.
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15316249#comment-15316249 ]

Colin Ma commented on SENTRY-1209:
----------------------------------

[~sravya], thanks for the comments, the patch is updated according to your comments.
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15307175#comment-15307175 ]

Hadoop QA commented on SENTRY-1209:
-----------------------------------

Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12807024/SENTRY-1209.002.patch against master.

Overall: +1 all checks pass

SUCCESS: all tests passed

Console output: https://builds.apache.org/job/PreCommit-SENTRY-Build/1658/console

This message is automatically generated.
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15303350#comment-15303350 ]

Colin Ma commented on SENTRY-1209:
----------------------------------

[~sravya], I'll handle this problem.
[jira] [Commented] (SENTRY-1209) Sentry does not block Hive's cross-schema table renames
[ https://issues.apache.org/jira/browse/SENTRY-1209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15303158#comment-15303158 ]

Sravya Tirukkovalur commented on SENTRY-1209:
---------------------------------------------

Would be good to fix this. [~colinma] will you be interested in picking this up?