ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Velmurugan Periasamy (JIRA)" <j...@apache.org>
Subject [jira] [Created] (RANGER-577) Hive Plugin - Ranger should not change hive config if authorization is disabled
Date Mon, 20 Jul 2015 19:12:05 GMT
Velmurugan Periasamy created RANGER-577:
-------------------------------------------

             Summary: Hive Plugin - Ranger should not change hive config if authorization
is disabled
                 Key: RANGER-577
                 URL: https://issues.apache.org/jira/browse/RANGER-577
             Project: Ranger
          Issue Type: Bug
          Components: plugins
    Affects Versions: 0.5.0
            Reporter: Velmurugan Periasamy
            Assignee: Madhan Neethiraj


Hive loads the authorizer and calls it's applyAuthorizationConfigPolicy function even if authorization
is disabled. This was done for sql standard authorization, so that even from hive-cli (where
authorization is disabled), new tables that get created have the correct permissions.

It would be good to have Ranger also behave same way as SQL Std auth, this can be done by
not calling  SettableConfigUpdater.setHiveConfWhiteList and not adding other restrictions
from its HiveAuthorizer.applyAuthorizationConfigPolicy implementation.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message