Affects Version/s: None
Fix Version/s: 0.14.0
The only way to disable the commands SET, RESET, DFS, ADD, DELETE and COMPILE that is available currently is to use the hive.security.command.whitelist parameter.
Some of these commands are disabled using this configuration parameter for security reasons when SQL standard authorization is enabled. However, it gets disabled in all cases.
If authorization api is used authorize the use of these commands, it will give authorization implementations the flexibility to allow/disallow these commands based on user privileges.
|Status||Resolved [ 5 ]||Closed [ 6 ]|
|Status||Patch Available [ 10002 ]||Resolved [ 5 ]|
|Fix Version/s||0.14.0 [ 12326450 ]|
|Resolution||Fixed [ 1 ]|
This also changes behavior in SQL std auth -
reset command is now allowed.
dfs,add,delete,compile commands are now allowed for the admin user.
|Issue Type||Bug [ 1 ]||Improvement [ 4 ]|
|Status||Open [ 1 ]||Patch Available [ 10002 ]|
|Remote Link||This issue links to "review board (Web Link)" [ 15843 ]|
|Summary||using authorization api for SET, RESET, DFS, ADD, DELETE, COMPILE commands||using authorization api for RESET, DFS, ADD, DELETE, COMPILE commands|