Hi, NitinThanks for your replay. This very useful for us. We'll consider about 
your suggestions.

--------------------------------


----- 原始邮件 -----
发件人:Alan Gates <[email protected]>
收件人:[email protected]
主题:Re: how to set column level privileges
日期:2015年03月26日 23点23分

Column level permissions was added to Hive default authorization in 
HIVE-5837.  That is why the TBL_COL_PRIV tables exists in the 
metastore.  The problem with default auth is it isn't really secure, as 
anyone can grant anybody (including themselves) any privilege.
  But Allen is correct that it doesn't work with the SQL Standard 
Authorization added in Hive 0.14.  The only method using SQL standard 
auth out of the box is views.  I believe using Apache Ranger (and maybe 
Apache Sentry, I'm not sure) with SQL standard auth you can get column 
level privileges.
Alan.
> Nitin Pawar <mailto:[email protected]>
> March 26, 2015 at 4:18
> Column level security in hive was added at HIVE-5837 
> <https://issues.apache.org/jira/browse/HIVE-5837>
>
> It has the PDF link for your readings.
>
> https://cwiki.apache.org/confluence/display/Hive/AuthDev talks about 
> setting column level permissions
>
>
>
>
> -- 
> Nitin Pawar
> Allen <mailto:[email protected]>
> March 26, 2015 at 4:09
>
> Thanks for your replay.
>
> If we handle the privileges by creating views, it will lead to lots of 
> views in our database.
>
> I found there is a table named TBL_COL_PRIV in hive metastore 
> database, maybe this table is related to column privilege,but it is 
> never used in hive. Anybody knew why?
>
>
>
> --------------------------------
>
>
> ----- 原始邮件 -----
> 发件人:Daniel Haviv <[email protected]>
> 收件人:"[email protected]" <[email protected]>
> 主题:Re: how to set column level privileges
> 日期:2015年03月26日 18点42分
>
> Create a view with the permitted columns and handle the privileges for it
>
> Daniel
>
> On 26 במרץ 2015, at 12:40, Allen <[email protected] 
> <mailto:[email protected]>> wrote:
>
Column level permissions 
was added to Hive default authorization in HIVE-5837.  That is why the 
TBL_COL_PRIV tables exists in the metastore.  The problem with default 
auth is it isn't really secure, as anyone can grant anybody (including 
themselves) any privilege.



 But Allen is correct that it doesn't work with the SQL Standard 
Authorization added in Hive 0.14.  The only method using SQL standard 
auth out of the box is views.  I believe using Apache Ranger (and maybe 
Apache Sentry, I'm not sure) with SQL standard auth you can get column 
level privileges.



Alan.




           
        Nitin Pawar      
  March 26, 2015 at
 4:18
  Column level 
security in hive was added at HIVE-5837
It
 has the PDF link for your readings. 
https://cwiki.apache.org/confluence/display/Hive/AuthDev
 talks about setting column level permissions 



-- 
Nitin Pawar



  
           
        Allen      
  March 26, 2015 at
 4:09
  Thanks for your replay.If
 we handle the privileges by creating views, it will lead to lots of 
views in our database.I found there is a table named TBL_COL_PRIV
 in hive metastore database, maybe this table is related to column 
privilege,but it is never used in hive. Anybody knew why? 

--------------------------------


----- 原始邮件 -----
发件
人:Daniel Haviv <[email protected]>
收件
人:"[email protected]" <[email protected]>
主题:Re: how to 
set column level privileges
日期:2015年03月26日 18点42分

Create a view with the permitted columns and 
handle the privileges for it
Daniel
On 26 במרץ 2015, at 12:40, Allen <[email protected]> wrote:






Reply via email to