Return-Path: X-Original-To: apmail-hive-user-archive@www.apache.org Delivered-To: apmail-hive-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4939A10717 for ; Fri, 22 Nov 2013 19:45:36 +0000 (UTC) Received: (qmail 67320 invoked by uid 500); 22 Nov 2013 19:45:34 -0000 Delivered-To: apmail-hive-user-archive@hive.apache.org Received: (qmail 67247 invoked by uid 500); 22 Nov 2013 19:45:34 -0000 Mailing-List: contact user-help@hive.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@hive.apache.org Delivered-To: mailing list user@hive.apache.org Received: (qmail 67239 invoked by uid 99); 22 Nov 2013 19:45:34 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 22 Nov 2013 19:45:34 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of biswajit.nayak@inmobi.com designates 209.85.128.181 as permitted sender) Received: from [209.85.128.181] (HELO mail-ve0-f181.google.com) (209.85.128.181) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 22 Nov 2013 19:45:27 +0000 Received: by mail-ve0-f181.google.com with SMTP id oy12so1277783veb.12 for ; Fri, 22 Nov 2013 11:45:06 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=Z76a9eJCww+dQQTo/ZoDbFTKtirZSdCzPnezYJ8Cpck=; b=MdDE4xrBtuykJR/oGBgcxnTrblDbnbGnoXVlzBge24FugfBvls5+Df6YduHX2nVFqA UKgCMvUEBT5PGi4gRC5DAApV69q+zUYb+QZvmwq2sowyuGb8UsHADJcscENt4t5ImFUz VEVvphUcTnfdpyTVu/kdODDh86wsyFLXw6t6Sg4/ODjY/x3R+ff7xFkrSMuAyOz3sJTN fOiws/XJgjnlZmhRWJEgyvGYYKA7uwoakXIFbvXLWLMyFv1lTSvwLbTn1BTdFLQx7Hbp f7DGCzwZWwSIpD65kTyuQ1AOHmzOOnay0ouKT2jMRVYbtwq7FwDSA+lFyFRYF4miV84c 35nQ== X-Gm-Message-State: ALoCoQmDntsBN0q8x45RVBRVeZvFnvffXO6lL+LXhcfu6VcZr9IWKogruJsd5VgMOhZyX222N6M4K9ihCHsHjvN6+GkEhP4uf/148LmGblLWUqmwD54WHsY= MIME-Version: 1.0 X-Received: by 10.58.217.130 with SMTP id oy2mr3409097vec.24.1385149506696; Fri, 22 Nov 2013 11:45:06 -0800 (PST) Received: by 10.220.43.16 with HTTP; Fri, 22 Nov 2013 11:45:06 -0800 (PST) Received: by 10.220.43.16 with HTTP; Fri, 22 Nov 2013 11:45:06 -0800 (PST) In-Reply-To: References: Date: Sat, 23 Nov 2013 01:15:06 +0530 Message-ID: Subject: Re: How to prevent user drop table in Hive metadata? From: Biswajit Nayak To: user@hive.apache.org Content-Type: multipart/alternative; boundary=047d7bdc051e4eeb0704ebc9408f X-Virus-Checked: Checked by ClamAV on apache.org --047d7bdc051e4eeb0704ebc9408f Content-Type: text/plain; charset=US-ASCII Hi Echo, I dont think there is any to prevent this. I had the same concern in hbase, but found out that it is assumed that user using the system are very much aware of it. I am into hive from last 3 months, was looking for some kind of way here, but no luck till now.. Thanks Biswa On 23 Nov 2013 01:06, "Echo Li" wrote: > Good Friday! > > I was trying to apply certain level of security in our hive data > warehouse, by modifying access mode of directories and files on hdfs to 755 > I think it's good enough for a new user to remove data, however the user > still can drop the table definition in hive cli, seems the "revoke" doesn't > help much, is there any way to prevent this? > > > Thanks, > Echo > -- _____________________________________________________________ The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. The firm is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt. --047d7bdc051e4eeb0704ebc9408f Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

Hi Echo,

I dont think there is any to prevent this. I had the same co= ncern in hbase, but found out that it is assumed that user using the system= are very much aware of it.=A0 I am into hive from last 3 months, was looki= ng for some kind of way here, but no luck till now..

Thanks
Biswa

On 23 Nov 2013 01:06, "Echo Li" <echolql@gmail.com> wrote:
Good Friday!

I was trying to a= pply certain level of security in our hive data warehouse, by modifying acc= ess mode of directories and files on hdfs to 755 I think it's good enou= gh for a new user to remove data, however the user still can drop the table= definition in hive cli, seems the "revoke" doesn't help much= , is there any way to prevent this?


Thanks,
Echo

_____________= ________________________________________________
The information contained in this communication is intended solely for th= e use of the individual or entity to whom it is addressed and others author= ized to receive it. It may contain confidential or legally privileged infor= mation. If you are not the intended recipient you are hereby notified that = any disclosure, copying, distribution or taking any action in reliance on t= he contents of this information is strictly prohibited and may be unlawful.= If you have received this communication in error, please notify us immedia= tely by responding to this email and then delete it from your system. The f= irm is neither liable for the proper and complete transmission of the infor= mation contained in this communication nor for any delay in its receipt. --047d7bdc051e4eeb0704ebc9408f--