[
https://issues.apache.org/jira/browse/HIVE-3591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13747019#comment-13747019
]
Sushanth Sowmyan commented on HIVE-3591:
----------------------------------------
[~lmccay] : I wouldn't say "resolved", per se - the issue you bring is a valid
one, but one that does not fit the original hive security design (designed to
prevent people from accidentally doing something dangerous, as opposed to being
designed to prevent malicious users). For the security-conscious, there is
currently a work-around(metastore-side security) for the intermediate case
where stronger security is needed.
I think this is an important data point though, for us to consider when trying
to nail down hive security, and there is some intermediate work possible for
this in the short run as well(the above restricted conf idea)
> set hive.security.authorization.enabled can be executed by any user
> -------------------------------------------------------------------
>
> Key: HIVE-3591
> URL: https://issues.apache.org/jira/browse/HIVE-3591
> Project: Hive
> Issue Type: Bug
> Components: Authorization, CLI, Clients, JDBC
> Affects Versions: 0.7.1
> Environment: RHEL 5.6
> CDH U3
> Reporter: Dev Gupta
> Labels: Authorization, Security
>
> The property hive.security.authorization.enabled can be set to true or false,
> by any user on the CLI, thus circumventing any previously set grants and
> authorizations.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
