[SENTRY-2435] Checking privileges fails due to unescape identifiers in sql string - ASF JIRA

Add vote

Watch issue

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.7.1, 2.0.1
Fix Version/s: 1.7.1
Component/s: Hive V2
Labels:
- patch
- security

Description

For query "use `db_name`", sentry doesn't remove the encapsulating "`" pair from the identifier making authorization fails.

For query "drop database `db_name`" and some others, sentry returns "not match table meta grammar".

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

sentry.patch
25/Oct/18 06:15
8 kB
Yang Mingqi

Activity

People

Assignee:: Unassigned

Reporter:: Yang Mingqi

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 25/Oct/18 06:18

Updated:: 25/Oct/18 06:18

Time Tracking

Estimated:

0.5h

Remaining:

0.5h

Logged:

Not Specified

Agile

Slack

Issue deployment