[HIVE-21320] get_fields() and get_tables_by_type() are not protected by HMS server access control - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 4.0.0
Fix Version/s: 4.0.0-alpha-1
Component/s: None
Labels:
None

Description

User without any privilege can call these functions and get all meta data back as if user has full access privilege.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HIVE-21320.001.patch
25/Feb/19 18:39
13 kB
Na Li
HIVE-21320.005.patch
25/Feb/19 21:45
26 kB
Na Li
HIVE-21320.005.patch
26/Feb/19 03:14
26 kB
Na Li
HIVE-21320.006.patch
26/Feb/19 13:19
12 kB
Na Li
HIVE-21320.007.patch
26/Feb/19 22:26
12 kB
Na Li
HIVE-21320.008.patch
27/Feb/19 02:39
12 kB
Na Li
HIVE-21320.008.patch
27/Feb/19 05:44
12 kB
Na Li
HIVE-21320.009.patch
27/Feb/19 06:51
12 kB
Na Li
HIVE-21320.010.patch
27/Feb/19 13:04
12 kB
Na Li

Activity

People

Assignee:: Na Li

Reporter:: Na Li

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 25/Feb/19 18:32

Updated:: 17/Nov/22 08:50

Resolved:: 27/Feb/19 18:41