Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-9473

sql std auth should disallow built-in udfs that allow any java methods to be called

    Details

    • Release Note:
      Hide
      SQL Standard authorization will disable the udfs reflect, reflect2 and java_method by automatically setting the udf blacklist config parameter (hive.server2.builtin.udf.blacklist). However, if HiveServer2 admin chooses to set the config param to a specific value, it will not be altered.
      Show
      SQL Standard authorization will disable the udfs reflect, reflect2 and java_method by automatically setting the udf blacklist config parameter (hive.server2.builtin.udf.blacklist). However, if HiveServer2 admin chooses to set the config param to a specific value, it will not be altered.

      Description

      As mentioned in HIVE-8893, some udfs can be used to execute arbitrary java methods. This should be disallowed when sql standard authorization is used.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                thejas Thejas M Nair
                Reporter:
                thejas Thejas M Nair
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: