hive-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sanjay Subramanian <Sanjay.Subraman...@wizecommerce.com>
Subject "hive -h <hostname>" option bypasses ROLES and access permissions ?
Date Mon, 12 Aug 2013 23:48:33 GMT
Hi

Hive version 0.9.0 (hive-common-0.9.0-cdh4.1.2.jar)


<property>
  <name>hive.security.authorization.enabled</name>
  <value>true</value>
  <description>enable or disable the hive client authorization</description>
</property>



Linux User = hiveuser1 (no hive permissions)

CASE 1
hive -e "select * from outpdir_ptitle_explanation_parsed limit 10"
Authorization failed:No privilege 'Select' found for inputs { database:default, table:outpdir_ptitle_explanation_parsed,
columnName:header_servername}. Use show grant to get more details.

CASE 2 (use the -h option)
hive -h localhost -e "select * from outpdir_ptitle_explanation_parsed limit 10"
Shows results !!!

Why does "-h" option bypass authorization

Thanks

sanjay


CONFIDENTIALITY NOTICE
======================
This email message and any attachments are for the exclusive use of the intended recipient(s)
and may contain confidential and privileged information. Any unauthorized review, use, disclosure
or distribution is prohibited. If you are not the intended recipient, please contact the sender
by reply email and destroy all copies of the original message along with any attachments,
from your computer system. If you are the intended recipient, please be advised that the content
of this message is subject to access, review and disclosure by the sender's Email System Administrator.

CONFIDENTIALITY NOTICE
======================
This email message and any attachments are for the exclusive use of the intended recipient(s)
and may contain confidential and privileged information. Any unauthorized review, use, disclosure
or distribution is prohibited. If you are not the intended recipient, please contact the sender
by reply email and destroy all copies of the original message along with any attachments,
from your computer system. If you are the intended recipient, please be advised that the content
of this message is subject to access, review and disclosure by the sender's Email System Administrator.

CONFIDENTIALITY NOTICE
======================
This email message and any attachments are for the exclusive use of the intended recipient(s)
and may contain confidential and privileged information. Any unauthorized review, use, disclosure
or distribution is prohibited. If you are not the intended recipient, please contact the sender
by reply email and destroy all copies of the original message along with any attachments,
from your computer system. If you are the intended recipient, please be advised that the content
of this message is subject to access, review and disclosure by the sender's Email System Administrator.

Mime
View raw message