Uploaded image for project: 'Sentry (Retired)'
  1. Sentry (Retired)
  2. SENTRY-849

[column level privilege] without table level privilege and column level privilege for column i, test user can still explain select column from test_tb;

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 1.5.1
    • None
    • None
    • None

    Description

      0: jdbc:hive2://anneyu-cdh55-1.vpc.cloudera.c> show grant role test_role on table test_tb;
      +-----------+----------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
      | database  |  table   | partition  | column  | principal_name  | principal_type  | privilege  | grant_option  |    grant_time     | grantor  |
      +-----------+----------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
      | test_db   | test_tb  |            | s       | test_role       | ROLE            | select     | false         | 1439502394526000  | --       |
      +-----------+----------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
      

      However explain "select i from test_tb" shows the column "i" test_user doesn't have privileges.

      Attachments

        Issue Links

          Activity

            People

              guoquan shenguoquan
              anneyu Anne Yu
              Votes:
              1 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated: