[RANGER-2045] Hive table columns with no explicit allow policy are listed with 'desc table' command - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.0.0, master
Fix Version/s: 1.0.0, master
Component/s: Ranger
Labels:
None

Description

Test scenario
'xasecure.hive.describetable.showcolumns.authorization.option' set to 'none'
Database 'testdb' has a table 'testtable1' with 3 columns 'name', 'age', 'city'.
Hive Policy exists giving user 'hrt_1' 'select' privilege on DB='testdb', table='testtable1' and columns='name', 'age' [user does not have permissions on 'city' column].

"DESCRIBE testdb.testtable1" and "show columns in testdb.testtable1" commands show results with 'city' column included.

When 'xasecure.hive.describetable.showcolumns.authorization.option' is set to 'none', Hive would follow default behavior and should deny DESCRIBE table and show column commands as the policy does not grant the test user access to all columns of the table. But the commands go through fine.

Attachments

Activity

People

Assignee:: Abhay Kulkarni

Reporter:: Anuja Leekha

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 28/Mar/18 00:38

Updated:: 08/Apr/18 01:54

Resolved:: 28/Mar/18 03:36