Description
Currently the metastore client performs the authorization by checking hdfs acls before talking to metastore server which is controlled by hive.security.authorization.enabled setting. Server only does authorization checks for drop operations (HIVE-1943). Need authorization checks for add and alter operations on the server side for better security.
Attachments
Issue Links
- duplicates
-
HIVE-2241 Thrift MetaStore interface bypasses authorization checks
- Open