Thejas M Nair created HIVE-3009: ----------------------------------- Summary: do authorization for all metadata operations Key: HIVE-3009 URL: https://issues.apache.org/jira/browse/HIVE-3009 Project: Hive Issue Type: Bug Components: Authorization Reporter: Thejas M Nair
Most of the metadata read operations and some write operations are not checking for authorization. See org.apache.hadoop.hive.ql.plan.HiveOperation . Operations such as DESCTABLE and DROPDATABASE have null for required privileges. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira