[SENTRY-1067] Exclude capability for privilege("DENY" privilege support) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: In Progress
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
- roadmap

Description

Currently Sentry can only grant privileges to object, in some cases, only some sensitive data need to be protected. Adding exclude capability can simplify the management of access control.
For example, the table "employee" have many columns, the column likes "username", "contact" and other information can be queried by others,but the column "salary" can only be queried by specific user.
With exclude capability, we can grant privilege of table "employee" to user and block the column "salary".

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

Design Document of Sentry Exclude capability for privilege-20160302.pdf
02/Mar/16 05:36
373 kB
Dapeng Sun

Activity

People

Assignee:: Dapeng Sun

Reporter:: Dapeng Sun

Votes:: 1 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 16/Feb/16 02:37

Updated:: 25/Jan/18 19:14