hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lefty Leverenz (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-12429) Switch default Hive authorization to SQLStandardAuth in 2.0
Date Wed, 20 Jan 2016 08:14:39 GMT

    [ https://issues.apache.org/jira/browse/HIVE-12429?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15108198#comment-15108198
] 

Lefty Leverenz commented on HIVE-12429:
---------------------------------------

Doc note:  This changes the default value of *hive.security.authorization.manager* so the
following wikidocs need to be updated for release 2.0.0.

* [Configuration Properties -- hive.security.authorization.manager | https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-hive.security.authorization.manager]
* [SQL Standard Based Hive Authorization -- Configuration -- For Hive 0.13.x | https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+Based+Hive+Authorization#SQLStandardBasedHiveAuthorization-ForHive0.13.x]
* [SQL Standard Based Hive Authorization -- Configuration -- For Hive 0.14 and Newer | https://cwiki.apache.org/confluence/display/Hive/SQL+Standard+Based+Hive+Authorization#SQLStandardBasedHiveAuthorization-ForHive0.14andNewer]

> Switch default Hive authorization to SQLStandardAuth in 2.0
> -----------------------------------------------------------
>
>                 Key: HIVE-12429
>                 URL: https://issues.apache.org/jira/browse/HIVE-12429
>             Project: Hive
>          Issue Type: Task
>          Components: Authorization, Security
>    Affects Versions: 2.0.0
>            Reporter: Alan Gates
>            Assignee: Daniel Dai
>              Labels: TODOC2.0
>             Fix For: 2.0.0
>
>         Attachments: HIVE-12429.1.patch, HIVE-12429.10.patch, HIVE-12429.11.patch, HIVE-12429.12.patch,
HIVE-12429.13.patch, HIVE-12429.14.patch, HIVE-12429.15.patch, HIVE-12429.16.patch, HIVE-12429.17.patch,
HIVE-12429.18.patch, HIVE-12429.2.patch, HIVE-12429.3.patch, HIVE-12429.4.patch, HIVE-12429.5.patch,
HIVE-12429.6.patch, HIVE-12429.7.patch, HIVE-12429.8.patch, HIVE-12429.9.patch
>
>
> Hive's default authorization is not real security, as it does not secure a number of
features and anyone can grant access to any object to any user.  We should switch the default
to SQLStandardAuth, which provides real authentication.
> As this is a backwards incompatible change this was hard to do previously, but 2.0 gives
us a place to do this type of change.
> By default authorization will still be off, as there are a few other things to set when
turning on authorization (such as the list of admin users).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message