hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Edward Capriolo (JIRA)" <>
Subject [jira] [Commented] (HIVE-5400) Allow admins to disable compile and other commands
Date Thu, 03 Oct 2013 03:01:46 GMT


Edward Capriolo commented on HIVE-5400:

Agreed on the SQLException leave it as is. There is one more idea I want to pitch. Does it
make more sense to implement a blacklist then a whitelist?

Generally we fall on the side of leaving "dangerous" things on and not limiting features.
A good example is hive.strict.mode. It should be on by default it all production deployments,
but we have it off for the purposes of unit testing. Maybe I am biased here, but as a person
who used hadoop before "security" I would rather things worked out of the box and I could
turn them off later, other then the opposite. 

Again this is just a thought, and if you like the whitelist better lets just keep this.

> Allow admins to disable compile and other commands
> --------------------------------------------------
>                 Key: HIVE-5400
>                 URL:
>             Project: Hive
>          Issue Type: Sub-task
>            Reporter: Brock Noland
>            Assignee: Edward Capriolo
>         Attachments: HIVE-5400.patch, HIVE-5400.patch, HIVE-5400.patch
> From here:
>  I think we should afford admins who want to disable this functionality the ability to
do so. Since such admins might want to disable other commands such as add or dfs, it wouldn't
be much trouble to allow them to do this as well. For example we could have a configuration
option "hive.available.commands" (or similar) which specified add,set,delete,reset, etc by
default. Then check this value in CommandProcessorFactory. It would probably make sense to
add this property to the restrict list.

This message was sent by Atlassian JIRA

View raw message