[jira] [Commented] (HIVE-3591) set hive.security.authorization.enabled can be executed by any user

2013-08-22 Thread Larry McCay (JIRA)

[ https://issues.apache.org/jira/browse/HIVE-3591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13747571#comment-13747571 ]

Larry McCay commented on HIVE-3591:
---

It appears that System properties can override conf vars too. I assume that we 
should leverage the restrictList there as well.

 set hive.security.authorization.enabled can be executed by any user
 ---

                 Key: HIVE-3591
                 URL: https://issues.apache.org/jira/browse/HIVE-3591
             Project: Hive
          Issue Type: Bug
          Components: Authorization, CLI, Clients, JDBC
    Affects Versions: 0.7.1
         Environment: RHEL 5.6
                      CDH U3
            Reporter: Dev Gupta
              Labels: Authorization, Security

 The property hive.security.authorization.enabled can be set to true or false, 
 by any user on the CLI, thus circumventing any previously set grants and 
 authorizations. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
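
The restrict-list idea raised in this thread, applied to both override paths mentioned above (a user `set` command and JVM system properties), as an added example that is not Hive's own code. The class `RestrictedConf` and its methods are hypothetical; the property names are real Hive settings, and the system properties are a constructed stand-in for `System.getProperties()`.

```java
import java.util.*;

// Hypothetical sketch, not Hive's HiveConf: one restrict list guards every
// path by which a client can change a configuration value.
public class RestrictedConfDemo {
    static class RestrictedConf {
        private final Map<String, String> values = new HashMap<>();
        private final Set<String> restricted;

        RestrictedConf(Map<String, String> siteDefaults, Set<String> restricted) {
            values.putAll(siteDefaults);
            this.restricted = new HashSet<>(restricted);
        }

        // Path 1: a user-issued "set key=value" command.
        void userSet(String key, String value) {
            if (restricted.contains(key)) {
                throw new IllegalArgumentException(
                    "Cannot modify " + key + " at runtime: it is in the restrict list");
            }
            values.put(key, value);
        }

        // Path 2: overrides taken from JVM system properties (-Dkey=value).
        // Restricted keys are skipped and returned so the attempt can be logged.
        List<String> applySystemOverrides(Properties sys) {
            List<String> rejected = new ArrayList<>();
            for (String key : sys.stringPropertyNames()) {
                if (!values.containsKey(key)) continue;   // only known conf vars
                if (restricted.contains(key)) { rejected.add(key); continue; }
                values.put(key, sys.getProperty(key));
            }
            return rejected;
        }

        String get(String key) { return values.get(key); }
    }

    public static void main(String[] args) {
        String authz = "hive.security.authorization.enabled";
        Map<String, String> site = new HashMap<>();
        site.put(authz, "true");
        site.put("hive.exec.parallel", "false");
        RestrictedConf conf = new RestrictedConf(site, Collections.singleton(authz));

        Properties sys = new Properties();   // constructed sample overrides
        sys.setProperty(authz, "false");
        sys.setProperty("hive.exec.parallel", "true");
        System.out.println("rejected system overrides: " + conf.applySystemOverrides(sys));
        try { conf.userSet(authz, "false"); }
        catch (IllegalArgumentException e) { System.out.println(e.getMessage()); }
        System.out.println(authz + " = " + conf.get(authz));
    }
}
```

As the thread notes, a check like this runs inside the client, so it only narrows the problem; metastore-side authorization remains the enforcement point.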


[jira] [Commented] (HIVE-3591) set hive.security.authorization.enabled can be executed by any user

2013-08-21 Thread Larry McCay (JIRA)

[ https://issues.apache.org/jira/browse/HIVE-3591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13746744#comment-13746744 ]

Larry McCay commented on HIVE-3591:
---

What is the current status/thinking on this issue? Is it something that we 
should be addressing and are there any thoughts on how it should be 
prevented/restricted, etc?



[jira] [Commented] (HIVE-3591) set hive.security.authorization.enabled can be executed by any user

2013-08-21 Thread Thiruvel Thirumoolan (JIRA)

[ https://issues.apache.org/jira/browse/HIVE-3591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13746980#comment-13746980 ]

Thiruvel Thirumoolan commented on HIVE-3591:


[~lmccay] The first approach to authorization was client side. [~sushanth] has 
also enabled this on the server side (HCatalog/Metastore) through HIVE-3705.

We enable these features on our HCatalog deployments. Even if the user unsets 
these properties, server side changes still take effect and the user can't drop 
tables etc. We have tested this for HDFS based authorization. The properties we 
used on the HCatalog server are:

<property>
  <name>hive.security.metastore.authorization.manager</name>
  <value>org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider</value>
</property>

<property>
  <name>hive.security.metastore.authenticator.manager</name>
  <value>org.apache.hadoop.hive.ql.security.HadoopDefaultMetastoreAuthenticator</value>
</property>

<property>
  <name>hive.metastore.pre.event.listeners</name>
  <value>org.apache.hadoop.hive.ql.security.authorization.AuthorizationPreEventListener</value>
</property>



[jira] [Commented] (HIVE-3591) set hive.security.authorization.enabled can be executed by any user

2013-08-21 Thread Larry McCay (JIRA)

[ https://issues.apache.org/jira/browse/HIVE-3591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13746991#comment-13746991 ]

Larry McCay commented on HIVE-3591:
---

Okay, so this is already resolved - correct?




[jira] [Commented] (HIVE-3591) set hive.security.authorization.enabled can be executed by any user

2013-08-21 Thread Sushanth Sowmyan (JIRA)

[ https://issues.apache.org/jira/browse/HIVE-3591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13747010#comment-13747010 ]

Sushanth Sowmyan commented on HIVE-3591:


Good spot, Larry. That's one more thing to address about client-side 
authorization, and much more basic than the issue of any user being able to 
grant themselves permissions for anything. :D

[~ashutoshc] mentions that we have a notion of restrict-lists for HiveServer2, 
wherein it rejects attempts wherein users try set commands on restricted config 
parameters, and it might be a good idea to extend that notion to the hive 
client as well.

It still leaves open the case where the end user is able to edit their 
hive-site.xml to simply set the parameter there, rather than in-script or 
in-commandline, but that is protectable by admin policies for deployments, and 
might be a reasonable compromise.

That said, all of these still leave open the notion of being able to edit/compile 
hive sources leaving out these protections on the client side, and thus, your 
metadata is not truly secure (data can be made secure by hdfs perms) unless 
you're using metastore-side authorization.



[jira] [Commented] (HIVE-3591) set hive.security.authorization.enabled can be executed by any user

2013-08-21 Thread Sushanth Sowmyan (JIRA)

[ https://issues.apache.org/jira/browse/HIVE-3591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13747019#comment-13747019 ]

Sushanth Sowmyan commented on HIVE-3591:


[~lmccay] : I wouldn't say resolved, per se - the issue you bring is a valid 
one, but one that does not fit the original hive security design (designed to 
prevent people from accidentally doing something dangerous, as opposed to being 
designed to prevent malicious users). For the security-conscious, there is 
currently a work-around (metastore-side security) for the intermediate case 
where stronger security is needed.

I think this is an important data point though, for us to consider when trying 
to nail down hive security, and there is some intermediate work possible for 
this in the short run as well (the above restricted conf idea).



[jira] [Commented] (HIVE-3591) set hive.security.authorization.enabled can be executed by any user

2013-08-21 Thread Larry McCay (JIRA)

[ https://issues.apache.org/jira/browse/HIVE-3591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13747078#comment-13747078 ]

Larry McCay commented on HIVE-3591:
---

I was looking at the restrictList earlier for this. I'll look into it further. 
Thanks for the insight!
