Unnikrishnan V T created HIVE-3271:
--------------------------------------
Summary: Previledge can be granted by any user(not owner) to any
user(even to the same user)
Key: HIVE-3271
URL: https://issues.apache.org/jira/browse/HIVE-3271
Project: Hive
Issue Type: Bug
Components: Authorization
Affects Versions: 0.8.1
Reporter: Unnikrishnan V T
Priority: Critical
I have created two users user 'unni' and user 'sachin'. user unni created a
table 'test3' so that user sachin cannot view that table. But user sachin is
able to grant all permission to the table test3.
I have set
1)hive.security.authorization.enabled=true(in hive-site.xml)
2)dfs.permissions=true(in hdfs-site.xml)
3)dfs.permissions.supergroup=supergroup(in hdfs-site.xml)
User sachin and user unni are in supergroup group.
The user sachin is even able to revoke all permissions from the owner of the
table user unni.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
