In case we enables :
hive.security.authorization.enabled=true in hive-site.xml
this setting can be disabled by users at their hive prompt. There should be hardcoded setting in the configs.
The other thing is once we enable authorization, the tables that got created before enabling looses access as they don't have authorization defined. How this situation can be tackled in hive.
Note that this issue does not affect SQL standard or ranger authorization plugin.