Uploaded image for project: 'Sentry'
  1. Sentry
  2. SENTRY-849

[column level privilege] without table level privilege and column level privilege for column i, test user can still explain select column from test_tb;

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.5.1
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      0: jdbc:hive2://anneyu-cdh55-1.vpc.cloudera.c> show grant role test_role on table test_tb;
      +-----------+----------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
      | database  |  table   | partition  | column  | principal_name  | principal_type  | privilege  | grant_option  |    grant_time     | grantor  |
      +-----------+----------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
      | test_db   | test_tb  |            | s       | test_role       | ROLE            | select     | false         | 1439502394526000  | --       |
      +-----------+----------+------------+---------+-----------------+-----------------+------------+---------------+-------------------+----------+--+
      

      However explain "select i from test_tb" shows the column "i" test_user doesn't have privileges.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                guoquan shenguoquan
                Reporter:
                anneyu Anne Yu
              • Votes:
                1 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated: