Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-2241

Thrift MetaStore interface bypasses authorization checks

    XMLWordPrintableJSON

    Details

      Description

      Hive's authorization mechanism works with DML and DDL statements only. Authorization checks are not applied when a Thrift client directly accesses the Metastore's Thrift interface, e.g. create_table(), drop_table(), alter_table(), get_databases(), get_tables(), etc.

      Catalog functions such as get_databases() and get_tables() are directly accessed by JDBC and ODBC drivers.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                enis Enis Soztutar
                Reporter:
                cwsteinbach Carl Steinbach
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: