Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
Hive's authorization mechanism works with DML and DDL statements only. Authorization checks are not applied when a Thrift client directly accesses the Metastore's Thrift interface, e.g. create_table(), drop_table(), alter_table(), get_databases(), get_tables(), etc.
Catalog functions such as get_databases() and get_tables() are directly accessed by JDBC and ODBC drivers.
Attachments
Issue Links
- is duplicated by
-
HIVE-2876 Need more server side authorization for Hive Metastore operations
- Resolved
- is related to
-
HCATALOG-244 Security in Hcat
- Open