[HIVE-20457] Create authorization mechanism for granting/revoking privileges to change Hive properties - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Critical
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Security
Labels:
- authorization

Description

At the moment any user in Hive can change any property of Hive. So he can set hive.exec.pre.hooks to hook that implements dangerous code. It would be nice to create roles and assign list of properties that particular role is able to modify. For example, admin role has permissions to change any property, and hive_client can change only hive.txn.timeout.

Attachments

Activity

People

Assignee:: Oleksiy Sayankin

Reporter:: Oleksiy Sayankin

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 24/Aug/18 10:10

Updated:: 24/Aug/18 15:53