hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thejas M Nair (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-7361) using authorization api for RESET, DFS, ADD, DELETE, COMPILE commands
Date Fri, 11 Jul 2014 22:15:05 GMT

    [ https://issues.apache.org/jira/browse/HIVE-7361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14059434#comment-14059434
] 

Thejas M Nair commented on HIVE-7361:
-------------------------------------

Authorizing the SET command through the API needs more work as the tests are currently using
the set commands to set the authorization settings! Removing SET command from the scope of
this jira (updated the title).


> using authorization api for RESET, DFS, ADD, DELETE, COMPILE commands
> ---------------------------------------------------------------------
>
>                 Key: HIVE-7361
>                 URL: https://issues.apache.org/jira/browse/HIVE-7361
>             Project: Hive
>          Issue Type: Bug
>          Components: Authorization
>            Reporter: Thejas M Nair
>            Assignee: Thejas M Nair
>
> The only way to disable the commands SET, RESET, DFS, ADD, DELETE and COMPILE that is
available currently is to use the hive.security.command.whitelist parameter.
> Some of these commands are disabled using this configuration parameter for security reasons
when SQL standard authorization is enabled. However, it gets disabled in all cases.
> If authorization api is used authorize the use of these commands, it will give authorization
implementations the flexibility to allow/disallow these commands based on user privileges.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message