Echo Li 2013-11-22, 19:36
Richard Nadeau 2013-11-22, 20:39
Biswajit Nayak 2013-11-22, 19:45
simon.2.thompson@... 2013-11-22, 19:49
Biswajit Nayak 2013-11-22, 19:51
Alan Gates 2013-11-22, 20:53
simon.2.thompson@... 2013-11-22, 20:55
Shreepadma Venugopalan 2013-11-22, 22:36
Echo Li 2013-11-22, 23:06
Xiu Guo 2013-11-22, 23:11
Apache Sentry is already available and made its first incubating release a
couple of months back.
On Fri, Nov 22, 2013 at 3:06 PM, Echo Li <[EMAIL PROTECTED]> wrote:
> Thanks all, that's all very helpful information.
> Shreepadma, when will the Apache Sentry come GA?
> On Fri, Nov 22, 2013 at 2:36 PM, Shreepadma Venugopalan <
> [EMAIL PROTECTED]> wrote:
>> Apache Sentry (incubating) provides fine-grained role-based authorization
>> for Hive among other components of the Hadoop ecosystem. It currently
>> supports fully secure, fine-grained, role-based authorization for Hive and
>> can be used to prevent the scenario described earlier i.e., prevent a user
>> from dropping a table the user shouldn't be allowed to drop.
>> On Fri, Nov 22, 2013 at 12:55 PM, <[EMAIL PROTECTED]> wrote:
>>> Thanks Alan - I'll fwd the spec in the Jira to some of our security and
>>> integrity people for comment.
>>> Dr. Simon Thompson
>>> From: Alan Gates [[EMAIL PROTECTED]]
>>> Sent: 22 November 2013 20:53
>>> To: [EMAIL PROTECTED]
>>> Subject: Re: How to prevent user drop table in Hive metadata?
>>> See https://issues.apache.org/jira/browse/HIVE-5837 for a JIRA
>>> addressing this.
>>> Also, you can use the StorageBasedAuthorizationProvider in Hive, which
>>> bases metadata security on file security. So if the user doesn't have
>>> permissions to remove the directory that stores the table data, they won't
>>> have permissions to drop the table. This isn't perfect, but it's a start.
>>> On Nov 22, 2013, at 11:49 AM, <[EMAIL PROTECTED]> <
>>> [EMAIL PROTECTED]> wrote:
>>> > Has no one raised a Jira ticket ?
>>> > ----
>>> > Dr. Simon Thompson
>>> > ________________________________________
>>> > From: Biswajit Nayak [[EMAIL PROTECTED]]
>>> > Sent: 22 November 2013 19:45
>>> > To: [EMAIL PROTECTED]
>>> > Subject: Re: How to prevent user drop table in Hive metadata?
>>> > Hi Echo,
>>> > I dont think there is any to prevent this. I had the same concern in
>>> hbase, but found out that it is assumed that user using the system are very
>>> much aware of it. I am into hive from last 3 months, was looking for some
>>> kind of way here, but no luck till now..
>>> > Thanks
>>> > Biswa
>>> > On 23 Nov 2013 01:06, "Echo Li" <[EMAIL PROTECTED]<mailto:
>>> [EMAIL PROTECTED]>> wrote:
>>> > Good Friday!
>>> > I was trying to apply certain level of security in our hive data
>>> warehouse, by modifying access mode of directories and files on hdfs to 755
>>> I think it's good enough for a new user to remove data, however the user
>>> still can drop the table definition in hive cli, seems the "revoke" doesn't
>>> help much, is there any way to prevent this?
>>> > Thanks,
>>> > Echo
>>> > _____________________________________________________________
>>> > The information contained in this communication is intended solely for
>>> the use of the individual or entity to whom it is addressed and others
>>> authorized to receive it. It may contain confidential or legally privileged
>>> information. If you are not the intended recipient you are hereby notified
>>> that any disclosure, copying, distribution or taking any action in reliance
>>> on the contents of this information is strictly prohibited and may be
>>> unlawful. If you have received this communication in error, please notify
>>> us immediately by responding to this email and then delete it from your
>>> system. The firm is neither liable for the proper and complete transmission
>>> of the information contained in this communication nor for any delay in its
>>> CONFIDENTIALITY NOTICE
>>> NOTICE: This message is intended for the use of the individual or entity
>>> which it is addressed and may contain information that is confidential,
>>> privileged and exempt from disclosure under applicable law. If the reader
Sanjay Subramanian 2013-12-01, 06:00
Nitin Pawar 2013-11-22, 20:04
Jov 2013-12-01, 06:41