Index: src/docs/src/documentation/content/xdocs/authorization.xml =================================================================== --- src/docs/src/documentation/content/xdocs/authorization.xml (revision 1378793) +++ src/docs/src/documentation/content/xdocs/authorization.xml (working copy) @@ -28,7 +28,7 @@
Default Authorization Model of Hive -

The default authorization model of Hive supports a traditional RDBMS style of authorization based on users, groups and roles and granting them permissions to do operations on database or table. It is descibed in more detail in https://cwiki.apache.org/Hive/languagemanual-auth.html.

+

The default authorization model of Hive supports a traditional RDBMS style of authorization based on users, groups and roles and granting them permissions to do operations on database or table. It is described in more detail in Hive Authorization.

This RDBMS style of authorization is not very suitable for the typical use cases in Hadoop because of the following differences in implementation:
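Review bot: the replacement sentence in this hunk drops the visible URL (https://cwiki.apache.org/Hive/languagemanual-auth.html) in favour of the anchor text "Hive Authorization"; only the anchor text survives in the rendered output shown here, so confirm the new link element still carries that URL as its target, otherwise readers of generated output lose the reference entirely. The spelling fix "descibed" to "described" is fine.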

@@ -66,6 +66,11 @@

Details of HDFS permissions are given here: HDFS Permissions Guide.

+ + +
+ Minimum Permissions +

The following table shows the minimum permissions required for Hive operations under this authorization model:
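Review bot: the new "Minimum Permissions" heading introduces the table without saying that the permissions listed are HDFS permissions on the table and database directories, which is what the preceding "HDFS Permissions Guide" reference implies; a short clause stating that would stop readers from taking them for Hive GRANT privileges, which this model ignores. Consider also a sentence under the heading noting that partition directories created by a query do not inherit the table directory's permissions (the HIVE-3094 item under Known Issues), since the minimum-permission table on its own suggests that granting access on the table directory is sufficient.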

 

@@ -147,6 +152,18 @@
+ + +
+ Unused DDL for Permissions + +

DDL statements that manage permissions for Hive's default authorization model do not have any effect on permissions in the storage-based model.

+ +

All GRANT and REVOKE statements for users, groups, and roles are ignored. See the Known Issues section below.

+ +
+
+
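Review bot: "are ignored" understates the consequence described in the Known Issues item this section points to (HIVE-3010): GRANT and REVOKE complete without an error, so an administrator who issues a REVOKE under storage-based authorization gets no indication that nothing changed. Suggest wording such as "are accepted without error but have no effect; access is controlled only by the permissions on the underlying HDFS directories", and linking https://issues.apache.org/jira/browse/HIVE-3010 here directly rather than only through the "Known Issues section below" reference.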
@@ -201,6 +218,7 @@
  • The current implementation of Hive performs the authorization checks in the client. This means that malicious users can circumvent these checks.
  • A different authorization provider (StorageDelegationAuthorizationProvider) needs to be used for working with HBase tables as well. But that is not well tested.
  • Partition files and directories added by a Hive query don’t inherit permissions from the table. This means that even if you grant permissions for a group to access a table, new partitions will have read permissions only for the owner, if the default umask for the cluster is configured as such. See https://issues.apache.org/jira/browse/HIVE-3094. A separate "hdfs chmod" command will be necessary to modify the permissions.
  • +
  • Although DDL statements for managing permissions have no effect in storage-based authorization, currently they do not return error messages. See https://issues.apache.org/jira/browse/HIVE-3010.
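Review bot: the new bullet states the problem but not how an operator should cope with it; since the preceding bullet already tells the reader to fall back on "hdfs chmod" for partitions, add that the outcome of any GRANT or REVOKE under this model must be verified by inspecting the HDFS permissions of the table or database directory, not by the statement's success status. It would also help to cross-reference the new "Unused DDL for Permissions" section added earlier in this patch, which refers forward to this item.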