Return-Path: 
 <dev-return-92772-apmail-hive-dev-archive=hive.apache.org@hive.apache.org>
X-Original-To: apmail-hive-dev-archive@www.apache.org
Delivered-To: apmail-hive-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 469751122A
	for <apmail-hive-dev-archive@www.apache.org>;
 Mon,  7 Jul 2014 22:49:35 +0000 (UTC)
Received: (qmail 54064 invoked by uid 500); 7 Jul 2014 22:49:34 -0000
Delivered-To: apmail-hive-dev-archive@hive.apache.org
Received: (qmail 53966 invoked by uid 500); 7 Jul 2014 22:49:34 -0000
Mailing-List: contact dev-help@hive.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@hive.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@hive.apache.org>
List-Post: <mailto:dev@hive.apache.org>
List-Id: <dev.hive.apache.org>
Reply-To: dev@hive.apache.org
Delivered-To: mailing list dev@hive.apache.org
Received: (qmail 53951 invoked by uid 500); 7 Jul 2014 22:49:34 -0000
Delivered-To: apmail-hadoop-hive-dev@hadoop.apache.org
Received: (qmail 53948 invoked by uid 99); 7 Jul 2014 22:49:34 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 07 Jul 2014 22:49:34 +0000
Date: Mon, 7 Jul 2014 22:49:34 +0000 (UTC)
From: "Thejas M Nair (JIRA)" <jira@apache.org>
To: hive-dev@hadoop.apache.org
Message-ID: <JIRA.12725871.1404773271873.15726.1404773374047@arcas>
In-Reply-To: <JIRA.12725871.1404773271873@arcas>
References: <JIRA.12725871.1404773271873@arcas>
Subject: [jira] [Created] (HIVE-7361) using authorization api for SET,
 RESET, DFS, ADD, DELETE, COMPILE commands
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394

Thejas M Nair created HIVE-7361:
-----------------------------------

             Summary: using authorization api for SET, RESET, DFS, ADD, DELETE, COMPILE commands
                 Key: HIVE-7361
                 URL: https://issues.apache.org/jira/browse/HIVE-7361
             Project: Hive
          Issue Type: Bug
          Components: Authorization
            Reporter: Thejas M Nair
            Assignee: Thejas M Nair


The only way to disable the commands SET, RESET, DFS, ADD, DELETE and COMPILE that is available currently is to use the hive.security.command.whitelist parameter.

Some of these commands are disabled using this configuration parameter for security reasons when SQL standard authorization is enabled. However, it gets disabled in all cases.

If authorization api is used authorize the use of these commands, it will give authorization implementations the flexibility to allow/disallow these commands based on user privileges.




--
This message was sent by Atlassian JIRA
(v6.2#6252)