Uploaded image for project: 'Sentry (Retired)'
  1. Sentry (Retired)
  2. SENTRY-2151 Automatically derive owner privileges from Hive Object Ownership
  3. SENTRY-2331

Support grant option for DDL operation

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.1.0
    • 2.2.0
    • Sentry
    • None

    Description

      Authorization for some DDL operation needs to check if the user has grant option. The authorization process should be extended to support this.

      For example, "ALTER TABLE SET OWNER" command is special in the sense that it is both DDL option that updates metadata, and it implicitly transfers privileges (permission update). Therefore, authorizing this command requires both privilege for changing metadata and grant option.

      Attachments

        Issue Links

          relates to

          Sub-task - The sub-task of the issue SENTRY-2255 alter table set owner command can be executed only by user with proper privilege

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              linaataustin Na Li
              linaataustin Na Li
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: