[SENTRY-2413] Provide a configuration option to permit specific DB privileges to be granted explicitly - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.1.0
Fix Version/s: 2.2.0
Component/s: Sentry
Labels:
None

Description

Some DB clients would not like that privileges, such as DROP, ALTER, INDEX, LOCK, can be granted explicitly by Sentry admins because there are no use cases and some can be prone to security errors if not handled correctly.

Being 2.x a minor version, to avoid incompatibility, then a new configuration should be added that explicitly defines the set of privileges that can be granted on Sentry.

This is exclusively for DB policies.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SENTRY-2413.1.patch
20/Sep/18 20:26
11 kB
Sergio Peña
SENTRY-2413.2.patch
20/Sep/18 21:34
11 kB
Sergio Peña
SENTRY-2413.3.patch
21/Sep/18 14:24
15 kB
Sergio Peña

Issue Links

links to

Review Board

Activity

People

Assignee:: Sergio Peña

Reporter:: Sergio Peña

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 20/Sep/18 20:25

Updated:: 25/Sep/18 19:30

Resolved:: 25/Sep/18 19:30