phoenix-dev mailing list archives

From "Karan Mehta (JIRA)" <j...@apache.org>
Subject [jira] [Created] (PHOENIX-4430) Restrict the read of table metadata from SYSTEM CATALOG based on user permissions
Date Sun, 03 Dec 2017 19:28:01 GMT
Karan Mehta created PHOENIX-4430:
------------------------------------

             Summary: Restrict the read of table metadata from SYSTEM CATALOG based on user
permissions
                 Key: PHOENIX-4430
                 URL: https://issues.apache.org/jira/browse/PHOENIX-4430
             Project: Phoenix
          Issue Type: Improvement
            Reporter: Karan Mehta


PHOENIX-4198 removes the need for users to have write access to the SYSTEM.CATALOG table by impersonating
the login user on the server side. Users now require just READ and EXEC access on the table.


Users can still, however, run {{SELECT * FROM SYSTEM.CATALOG}} and read other tables' metadata.
Some applications might require a greater level of security and want to restrict metadata reads
as well.

This JIRA is to discuss potential solutions for this problem. If we restrict a table's metadata,
then we have to restrict the metadata for indexes and views as well.

HBase allows users to set row-level permissions as well. Although we don't expose it via the SQL
API in PHOENIX-672, we can use it internally to grant/revoke permissions on specific metadata
rows. The grant/revoke commands will also have to change the permissions on SYSCAT rows appropriately.
Challenges and corner cases will come up with tenant-specific views, which can be generated
on the fly and whose row key starts with the TenantID followed by the table name.

Other ideas / suggestions welcome.

[~twdsilva@gmail.com] [~ankit@apache.org] [~jamestaylor] [~apurtell] 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
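
An added illustration of the row-key problem raised in the message above (not part of the original message and not Phoenix code): a simplified in-memory model of SYSTEM.CATALOG header rows showing why a grant must be propagated to index, view and tenant-view rows instead of covering only the base table's key range. The sample catalog, the `parent` link field and all function names are assumptions made for the example.

```python
# Added illustration: simplified model of SYSTEM.CATALOG header rows.
SEP = b"\x00"  # Phoenix separates variable-length row key parts with a zero byte


def row_key(tenant, schema, table):
    """Header-row key: TENANT_ID, TABLE_SCHEM, TABLE_NAME joined by zero bytes."""
    return SEP.join(p.encode() for p in (tenant or "", schema or "", table))


# Constructed sample catalog: (tenant, schema, name, parent). `parent` is a
# hypothetical field naming the (schema, name) an index or view is built on.
CATALOG = [
    (None, "APP", "ORDERS", None),
    (None, "APP", "IDX_ORDERS", ("APP", "ORDERS")),
    (None, "APP", "V_ORDERS", ("APP", "ORDERS")),
    ("acme", "APP", "ACME_V_ORDERS", ("APP", "V_ORDERS")),  # tenant-specific view
    (None, "HR", "SALARY", None),
    (None, "HR", "IDX_SALARY", ("HR", "SALARY")),
]


def root_table(entry, catalog):
    """Follow parent links up to the base table that carries the grant."""
    by_name = {(e[1], e[2]): e for e in catalog}
    while entry[3] is not None:
        entry = by_name[entry[3]]
    return (entry[1], entry[2])


def readable_keys(granted, catalog):
    """Row keys a user may read: every row whose base table is in `granted`."""
    return [row_key(e[0], e[1], e[2]) for e in catalog
            if root_table(e, catalog) in granted]


def prefix_only_keys(granted, catalog):
    """Naive alternative: permit only rows under the base table's own key prefix."""
    prefixes = [row_key(None, s, n) for (s, n) in granted]
    keys = (row_key(e[0], e[1], e[2]) for e in catalog)
    return [k for k in keys if any(k.startswith(p) for p in prefixes)]


if __name__ == "__main__":
    grant = {("APP", "ORDERS")}
    print("propagated :", readable_keys(grant, CATALOG))
    print("prefix only:", prefix_only_keys(grant, CATALOG))
```

The tenant view's key begins with `acme`, so it sorts far from the base table's rows; only the parent-link walk finds it.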
