hive-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mich Talebzadeh <mich.talebza...@gmail.com>
Subject Re: SHOW DATABASES/TABLES with SQL standard authorization
Date Mon, 30 May 2016 18:12:05 GMT
ok that is different from seeing the list of databases. That is just schema

case in point in SAP ASE a normal RDBMS

> sp_addlogin someuser, someuser123, scratchpad
2> go
Password correctly set.
Account unlocked.
New login created.
(return status = 0)
1> exit
 isql -U someuser -w1000
Password:
-- Show me list of databases. full list is displayed
1> sp_helpdb
2> go
 name                 db_size       owner dbid  created      durability
lobcomplvl inrowlen status
 -------------------- ------------- ----- ----- ------------ -----------
---------- --------
-----------------------------------------------------------------------------
 ASEIMDB                  5000.0 MB sa        6 Mar 05, 2012
no_recovery          0
 ASEIMDB_template         5000.0 MB sa        9 Apr 26, 2016
full                 0
 DBA_CONTROL_20150613      150.0 MB sa       10 Apr 26, 2016
full
 DBA_CONTROL_old           150.0 MB sa       11 Apr 26, 2016
full                 0
 DBHDD                   12000.0 MB sa        4 Oct 10, 2011
full                 0
 DBSSD                   27690.0 MB sa        7 Apr 26, 2016
full                 0
  master                    100.0 MB sa        1 Oct 10, 2011
full                 0
 mda_analysis             1200.0 MB sa       17 Jul 06, 2013
full                 0
 model                      12.0 MB sa        3 Oct 10, 2011
full                 0
 scratchpad              77756.0 MB sa        5 Apr 25, 2016
full                 0

-- Can I use ASEIMDB with no access right given?
--
1> use ASEIMDB
2> go
Msg 10351, Level 14, State 1:
Server 'SYB_157', Line 1:
Server user id 24 is not a valid user in database 'ASEIMDB'

HTH

Dr Mich Talebzadeh



LinkedIn * https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw
<https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw>*



http://talebzadehmich.wordpress.com



On 30 May 2016 at 18:52, Lukas Lalinsky <lukas.lalinsky@exponea.com> wrote:

> I realize it's just a list, but it's still not something I'd expect. The
> difference compared to a normal RDBMS is that they typically have a CONNECT
> privilege, which I can use to restrict the user to connecting to other
> databases.
>
> I'm also more concerned about SHOW TABLES. It just seems strange that I
> can do this for any database:
>
> USE any_db;
> SHOW TABLES;
>
> Regards,
>
> Lukas
>
>
> On Mon, May 30, 2016 at 7:34 PM, Mich Talebzadeh <
> mich.talebzadeh@gmail.com> wrote:
>
>> the behaviour is no different from a normal RDBMS.
>>
>> show databases actually inquires Hive  metadata table DBS.
>>
>>  select NAME, OWNER_NAME from DBS order by 1,2;
>> NAME                           OWNER_NAME
>> ------------------------------ ------------------------------
>> accounts                       hduser
>> asehadoop                      hduser
>> default                        public
>> iqhadoop                       hduser
>> mytable_db                     hduser
>> oraclehadoop                   hduser
>> test                           hduser
>> 7 rows selected.
>>
>> However, that is just a list. It does not mean you have access rights to
>> that database.
>>
>> HTH
>>
>> Dr Mich Talebzadeh
>>
>>
>>
>> LinkedIn * https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw
>> <https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw>*
>>
>>
>>
>> http://talebzadehmich.wordpress.com
>>
>>
>>
>> On 30 May 2016 at 18:20, Lukas Lalinsky <lukas.lalinsky@exponea.com>
>> wrote:
>>
>>> I'm setting up a Hive instance with the SQL standard authorization and
>>> it seems to be working great for all normal operations, but for SHOW
>>> DATABASES/TABLES it's behaving differently from what I would expect.
>>>
>>> It always shows all databases/tables, even though I do not have access
>>> to those tables. Is that the intended behavior? Or is there something that
>>> can be done to filter out items which I can't access?
>>>
>>> Regards,
>>>
>>> Lukas
>>>
>>
>>
>

Mime
View raw message