IMPALA / IMPALA-3915

Read access to views in the presence of WHERE-clause subqueries

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: Impala 2.0, Impala 2.1, Impala 2.2, Impala 2.3.0, Impala 2.5.0, Impala 2.4.0, Impala 2.6.0
    • Fix Version/s: Impala 2.7.0, Impala 2.6.1
    • Component/s: Frontend

      Description

      Impala bypasses Sentry authorization for views if the query or the view itself contains a subquery in any WHERE clause. This gives read access to the views to any user who would otherwise have insufficient privileges.
      The underlying base tables of views are still protected.
      Queries that do not have subqueries in the WHERE clause are still protected (unless the view itself contains such a subquery).
      Other operations like accessing the view definition or altering the view are still protected.

      Example reproduction:
      1. Set up as a user with sufficient privileges

      CREATE VIEW default.noauth_view AS
      SELECT COUNT(*) FROM functional.alltypes
      WHERE id IN (SELECT id FROM functional.alltypessmall);
      

      Notice the IN subquery in the WHERE clause. Other types of subqueries like NOT IN, EXISTS and NOT EXISTS also trigger this bug.

      2. Log in as a user with insufficient privileges (e.g. no roles at all)

      SHOW ROLES;
      -- Empty result set

      SELECT * FROM default.noauth_view;
      -- Returns all results
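
A log-triage sketch for the two trigger conditions described above (an added example, not Impala code and not part of the original report): it flags logged statements that reference a view when either the statement or the view's definition has a subquery in a WHERE clause. The `(user, statement)` log format, `default.plain_view`, the user names and the keyword-based SQL heuristic are assumptions; flagged entries still have to be checked against the Sentry grants in force at the time.

```python
import re

_TOKEN = re.compile(r"\(|\)|[A-Za-z_]\w*")
# Comments and string literals are blanked so their content is never tokenized.
_SKIP = re.compile(r"--[^\n]*|/\*.*?\*/|'(?:[^'\\]|\\.)*'|\"(?:[^\"\\]|\\.)*\"", re.S)
_CLAUSE_END = {"GROUP", "ORDER", "HAVING", "LIMIT", "UNION"}  # keywords that close a WHERE

def has_where_subquery(sql):
    """True if a parenthesized SELECT appears inside any WHERE clause (heuristic)."""
    depth, prev, open_where = 0, None, set()  # open_where: paren depths with an open WHERE
    for tok in (t.upper() for t in _TOKEN.findall(_SKIP.sub(" ", sql))):
        if tok == "(":
            depth += 1
        elif tok == ")":
            open_where.discard(depth)  # the query block at this depth ends
            depth -= 1
        elif tok == "WHERE":
            open_where.add(depth)
        elif tok in _CLAUSE_END:
            open_where.discard(depth)
        elif tok == "SELECT" and prev == "(" and any(d < depth for d in open_where):
            return True  # covers IN, NOT IN, EXISTS and NOT EXISTS subqueries
        prev = tok
    return False

def flag_entries(entries, view_defs):
    """Return (user, view) pairs for logged statements that need an authorization review."""
    exposed = {v for v, d in view_defs.items() if has_where_subquery(d)}
    hits = []
    for user, sql in entries:
        text = _SKIP.sub(" ", sql).lower()
        query_sub = has_where_subquery(sql)
        for view in view_defs:
            named = re.search(r"(?<![\w.])" + re.escape(view.lower()) + r"(?![\w.])", text)
            if named and (query_sub or view in exposed):
                hits.append((user, view))
    return hits

# Constructed sample data: the first view is the one from the reproduction,
# default.plain_view and all log entries are hypothetical.
VIEW_DEFS = {
    "default.noauth_view": "SELECT COUNT(*) FROM functional.alltypes "
                           "WHERE id IN (SELECT id FROM functional.alltypessmall)",
    "default.plain_view": "SELECT id FROM functional.alltypes",
}
LOG = [
    ("user_a", "SELECT * FROM default.noauth_view"),
    ("user_b", "SELECT * FROM default.plain_view WHERE id > 5"),
    ("user_c", "SELECT * FROM default.plain_view WHERE id NOT IN "
               "(SELECT id FROM functional.alltypessmall)"),
    ("user_d", "SELECT id FROM functional.alltypes WHERE id = 1"),
]
```
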
      

            People

            • Assignee: Alexander Behm (alex.behm)
            • Reporter: Alexander Behm (alex.behm)