Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Hive, mail # user - Hive Authorization and Views

Copy link to this message
Re: Hive Authorization and Views
John Omernik 2013-05-16, 21:49
Edward - I agree that hive and rdbms are different animals, so in looking
at that current work around hive authorization, I  get that the user would
still have access to the underlying file system.  We have to assume that
permissions are only enforced from a metadata perspective.  But given that
it's high on the list of questions around hive in enterprise adoption of
any data warehousing solution, it may provide enough of a control to pass
audit requirements if views could be used as the control. User can access
data directly (outside of hive) however in hive users can't access table
directly, but can access the view.   Need to think it through some more,
even in a RBDMS, sometimes certain users would be able to access the files
of the data store (administrators etc) but be controlled from a perspective
of accessing the data through the rdbms.   Great discussion, I love stuff
like this, Hive is awesome its community discussion that makes it kick ass
(excuse the language) :)

On Thu, May 16, 2013 at 4:19 PM, Sanjay Subramanian <

>  Also we have all external tables to ensure that accidental dropping of
> tables does not delete data…Plus the good part of HDFS architecture is data
> is immutable….which means u cannot update rows….u can move partitions or
> delete/insert data from hdfs which IMHO is very cool….but may not solve all
> use cases
> Regards
> sanjay
>   From: Edward Capriolo <[EMAIL PROTECTED]>
> Date: Thursday, May 16, 2013 2:05 PM
> Subject: Re: Hive Authorization and Views
>   The largest issue is that the RDBMS security model does not match with
> hive. Hive/Hadoop has file permissions, RDMBS have column and sometimes row
> level permissions.
>  When you physically have access to the underlying file (row level)
> permissions are not enforceable. The only way to enforce this type of
> security is to force users through a "turnstyle" that changes how hive
> currently works.
> On Thu, May 16, 2013 at 4:42 PM, John Omernik <[EMAIL PROTECTED]> wrote:
>> I am curious on the thoughts of the community here, this seems like
>> something many enterprises would drool over with Hive... I am not a coder
>> so the level coding involved something like this is unknown.
>> On Sat, May 4, 2013 at 8:31 AM, John Omernik <[EMAIL PROTECTED]> wrote:
>>> We were doing some tests this past week with hive authorization, one of
>>> our current use "challenges" is when we have an underlying, well managed
>>> and partitioned table, and we want to allow access to certain columns in
>>> that table.  Our first thoughts went to VIEWs as that's a common use case
>>> with Relational Databases, (i.e. setup a view with only the columns you
>>> want the user to access) and set the permissions appropriately.
>>>  In testing, and this is not surprising given the the "newness" of Hive
>>> Authorization, a VIEW can not be created as to allow access to to a table
>>> without granting access to the underlying table, defeating the idea of the
>>> view as tool to manage that access.
>>>  So I wanted to put to the user group: I've done some JIRA searching
>>> and didn't find anything (I will admit my JIRA search Foo is not stellar),
>>> but is there an option that could be thrown together in Hive that would
>>> allow that use case?  Perhaps a configuration setting that would allow
>>> views to execute as a specific user (perhaps a global user, or perhaps a
>>> user specified as view creation).  This could allow the "view" to have
>>> access to underlying table, but since the view is created, and it couldn't
>>> be changed by the user, and thus you could set view "read" permissions to
>>> your user or group of users you want access.
>>>  I suppose this has challenges "i.e. can a user just create a view to
>>> bypass table level restrictions? Perhaps if this model was taken, the