Hive / HIVE-2538

Database level authorization can be circumvented by first "using" a database that one has ALL privileges to

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 0.7.1
    • Fix Version/s: None
    • Component/s: Authorization, Security
    • Labels:
      None

      Description

      You can replicate this bug by recreating my setup, which I describe below:

      I have our "default" database set up to only allow SELECT for user "skrishnan". But user skrishnan has "ALL" privileges on database "skrishnan".

      The following works correctly (i.e., the user shouldn't be able to create a table in the default database):

      hive> use default;
      OK
      Time taken: 0.043 seconds
      hive> create table skrishnan_test(i int);
      Authorization failed:No privilege 'Create' found for outputs { database:default}. Use show grant to get more details. (Correct Behavior)

      However, user skrishnan can indeed create tables in the default database by doing this:

      hive> use skrishnan;
      OK
      Time taken: 0.038 seconds
      hive> create table default.skrishnan_test(i int);
      OK
      Time taken: 0.34 seconds (Incorrect behavior)

      That means that the database level authorization is basically circumvented by first using a database that a user has all privileges to, and then using the fully qualified table name (db_name.table_name) for a database that the user doesn't have permissions to.
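
The behaviour reported above, as an added Python model (not Hive source code and not part of the original report). It assumes the flaw is that the CREATE privilege is looked up on the session's current database rather than on the database named in db_name.table_name; the grants table and all function names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed grants matching the report: SELECT on "default", ALL on "skrishnan".
GRANTS = {
    ("skrishnan", "default"): {"SELECT"},
    ("skrishnan", "skrishnan"): {"ALL"},
}

@dataclass
class Session:
    user: str
    current_db: str = "default"   # changed by "use <db>;"

def has_privilege(user, db, priv):
    granted = GRANTS.get((user, db), set())
    return "ALL" in granted or priv in granted

def target_db(session, table_name):
    """Database a statement writes to: the db_name. prefix wins over the session."""
    if "." in table_name:
        db = table_name.split(".", 1)[0]
    else:
        db = session.current_db
    return db.lower()             # Hive identifiers are case-insensitive

def authorize_create_flawed(session, table_name):
    # Assumed flaw: the qualifier on the table name is ignored.
    return has_privilege(session.user, session.current_db, "CREATE")

def authorize_create_fixed(session, table_name):
    # Check the database that will actually receive the table.
    return has_privilege(session.user, target_db(session, table_name), "CREATE")

def replay(authorize):
    """Replay the two CREATE TABLE statements from the report."""
    s = Session("skrishnan")
    s.current_db = "default"                          # use default;
    first = authorize(s, "skrishnan_test")
    s.current_db = "skrishnan"                        # use skrishnan;
    second = authorize(s, "default.skrishnan_test")
    return first, second

if __name__ == "__main__":
    print("flawed:", replay(authorize_create_flawed))
    print("fixed: ", replay(authorize_create_fixed))
```

A regression test for a fix would assert that the second statement is denied while a qualified create into a database the user does hold ALL on is still allowed.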

            People

            • Assignee:
              Unassigned
              Reporter:
              Sriram Krishnan