hive -- authorization logic vulnerability
Sushanth Sowmyan reports:
Some partition-level operations exist that do not explicitly also
authorize privileges of the parent table. This can lead to issues when
the parent table would have denied the operation, but no denial occurs
because the partition-level privilege is not checked by the
authorization framework, which defines authorization entities only
from the table level upwards.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright