[
https://issues.apache.org/jira/browse/HIVE-9473?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14298014#comment-14298014
]
Lefty Leverenz commented on HIVE-9473:
--------------------------------------
Should this be documented in the SQL Standard Based Hive Authorization wikidoc
(along with the configuration parameters created in HIVE-8893 --
*hive.server2.builtin.udf.whitelist* & *hive.server2.builtin.udf.blacklist*)?
* [SQL Standard Based Hive Authorization |
https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+Based+Hive+Authorization]
** [Configuration |
https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+Based+Hive+Authorization#SQLStandardBasedHiveAuthorization-Configuration]
> sql std auth should disallow built-in udfs that allow any java methods to be
> called
> -----------------------------------------------------------------------------------
>
> Key: HIVE-9473
> URL: https://issues.apache.org/jira/browse/HIVE-9473
> Project: Hive
> Issue Type: Bug
> Components: Authorization, SQLStandardAuthorization
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
> Fix For: 1.0.0, 1.2.0
>
> Attachments: HIVE-9473.1.patch
>
>
> As mentioned in HIVE-8893, some udfs can be used to execute arbitrary java
> methods. This should be disallowed when sql standard authorization is used.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
