Return-Path: 
 <dev-return-78384-apmail-hive-dev-archive=hive.apache.org@hive.apache.org>
X-Original-To: apmail-hive-dev-archive@www.apache.org
Delivered-To: apmail-hive-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 4BF8E10C61
	for <apmail-hive-dev-archive@www.apache.org>;
 Thu,  6 Feb 2014 06:02:31 +0000 (UTC)
Received: (qmail 12338 invoked by uid 500); 6 Feb 2014 06:02:29 -0000
Delivered-To: apmail-hive-dev-archive@hive.apache.org
Received: (qmail 11834 invoked by uid 500); 6 Feb 2014 06:02:17 -0000
Mailing-List: contact dev-help@hive.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@hive.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@hive.apache.org>
List-Post: <mailto:dev@hive.apache.org>
List-Id: <dev.hive.apache.org>
Reply-To: dev@hive.apache.org
Delivered-To: mailing list dev@hive.apache.org
Received: (qmail 11803 invoked by uid 500); 6 Feb 2014 06:02:13 -0000
Delivered-To: apmail-hadoop-hive-dev@hadoop.apache.org
Received: (qmail 11794 invoked by uid 99); 6 Feb 2014 06:02:12 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 06 Feb 2014 06:02:12 +0000
Date: Thu, 6 Feb 2014 06:02:12 +0000 (UTC)
From: "Thejas M Nair (JIRA)" <jira@apache.org>
To: hive-dev@hadoop.apache.org
Message-ID: <JIRA.12679546.1384573018574.47120.1391666532653@arcas>
In-Reply-To: <JIRA.12679546.1384573018574@arcas>
References: <JIRA.12679546.1384573018574@arcas>
Subject: [jira] [Commented] (HIVE-5837) SQL standard based secure
 authorization for hive
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/HIVE-5837?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13893079#comment-13893079 ] 

Thejas M Nair commented on HIVE-5837:
-------------------------------------

[~brocknoland] [~prasadm] [~shreepadma] Do have any opinion on how to deal with privilege on URI object based on your experience? What should it mean, should it mean the privilege applies to the directory and its sub dirs ? Can things like symlinks pose security holes ? Any other issues to consider wrt URI ?


> SQL standard based secure authorization for hive
> ------------------------------------------------
>
>                 Key: HIVE-5837
>                 URL: https://issues.apache.org/jira/browse/HIVE-5837
>             Project: Hive
>          Issue Type: New Feature
>          Components: Authorization
>            Reporter: Thejas M Nair
>            Assignee: Thejas M Nair
>         Attachments: SQL standard authorization hive.pdf
>
>
> The current default authorization is incomplete and not secure. The alternative of storage based authorization provides security but does not provide fine grained authorization.
> The proposal is to support secure fine grained authorization in hive using SQL standard based authorization model.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)