Thrift MetaStore interface bypasses authorization checks
--------------------------------------------------------
Key: HIVE-2241
URL: https://issues.apache.org/jira/browse/HIVE-2241
Project: Hive
Issue Type: Bug
Components: JDBC, Metastore, ODBC, Security
Reporter: Carl Steinbach
Hive's authorization mechanism works with DML and DDL statements only.
Authorization checks are not applied when a Thrift client directly accesses the
Metastore's Thrift interface, e.g. create_table(), drop_table(), alter_table(),
get_databases(), get_tables(), etc.
Catalog functions such as get_databases() and get_tables() are directly
accessed by JDBC and ODBC drivers.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
