That would be a good idea. I searched before and didn't see a JIRA for this particular limitation. We're looking at areas of improving authorization as well. -jg
On Wed, Jul 20, 2011 at 10:59 PM, Guy Doulberg <guy.doulb...@conduit.com> wrote: > Thanks, > > Should I open a JIRA for that? > > If there is an easy things I can code to improve the Authorization situation > I will be more than willing to do that..... > > > -----Original Message----- > From: Jakob Homan [mailto:jgho...@gmail.com] > Sent: Thursday, July 21, 2011 12:13 AM > To: user@hive.apache.org > Subject: Re: A user can GRANT himself > > Currently one cannot grant privileges on granting, which does seem a > bit limiting. This can be rationalized that hive authorization is > only a deterrent against first-order mistakes and idiocy, rather than > a fully functioning authorization system. This is reasonable since > most of the actively malicious things one may wish to do can be done > just as easily through HDFS, so it's not worth putting much effort > into a system so easily circumvented. Issues such as > https://issues.apache.org/jira/browse/HIVE-1943 demonstrate this as > well. With hardened security now available in HDFS, it's worth > revisiting and strengthening these authentication options. > > -Jakob > > > On Wed, Jul 20, 2011 at 6:03 AM, Guy Doulberg <guy.doulb...@conduit.com> > wrote: >> Hi, >> >> >> >> I was playing with the Hive Authorization system.... >> >> >> >> It seems to me a user can Grant himslef privileges... >> >> >> >> Can an administrator can prohibit user to grant them self privileges? >> >> >> >> Thanks >> >> Guy Doulberg >> >> >> >> >
