Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-7361

using authorization api for RESET, DFS, ADD, DELETE, COMPILE commands

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 0.14.0
    • Authorization
    • Hide
      This also changes behavior in SQL std auth -
      reset command is now allowed.
      dfs,add,delete,compile commands are now allowed for the admin user.
      Show
      This also changes behavior in SQL std auth - reset command is now allowed. dfs,add,delete,compile commands are now allowed for the admin user.

    Description

      The only way to disable the commands SET, RESET, DFS, ADD, DELETE and COMPILE that is available currently is to use the hive.security.command.whitelist parameter.

      Some of these commands are disabled using this configuration parameter for security reasons when SQL standard authorization is enabled. However, it gets disabled in all cases.

      If authorization api is used authorize the use of these commands, it will give authorization implementations the flexibility to allow/disallow these commands based on user privileges.

      Attachments

        1. HIVE-7361.1.patch
          61 kB
          Thejas Nair
        2. HIVE-7361.2.patch
          65 kB
          Thejas Nair
        3. HIVE-7361.3.patch
          76 kB
          Thejas Nair
        4. HIVE-7361.4.patch
          75 kB
          Thejas Nair
        5. HIVE-7361.5.patch
          74 kB
          Thejas Nair

        Issue Links

          Activity

            People

              thejas Thejas Nair
              thejas Thejas Nair
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: