You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@hive.apache.org by Lukas Lalinsky <lu...@exponea.com> on 2016/05/30 17:20:12 UTC
SHOW DATABASES/TABLES with SQL standard authorization
I'm setting up a Hive instance with the SQL standard authorization and it
seems to be working great for all normal operations, but for SHOW
DATABASES/TABLES it's behaving differently from what I would expect.
It always shows all databases/tables, even though I do not have access to
those tables. Is that the intended behavior? Or is there something that can
be done to filter out items which I can't access?
Regards,
Lukas
Re: SHOW DATABASES/TABLES with SQL standard authorization
Posted by Mich Talebzadeh <mi...@gmail.com>.
ok that is different from seeing the list of databases. That is just schema
case in point in SAP ASE a normal RDBMS
> sp_addlogin someuser, someuser123, scratchpad
2> go
Password correctly set.
Account unlocked.
New login created.
(return status = 0)
1> exit
isql -U someuser -w1000
Password:
-- Show me list of databases. full list is displayed
1> sp_helpdb
2> go
name db_size owner dbid created durability
lobcomplvl inrowlen status
-------------------- ------------- ----- ----- ------------ -----------
---------- --------
-----------------------------------------------------------------------------
ASEIMDB 5000.0 MB sa 6 Mar 05, 2012
no_recovery 0
ASEIMDB_template 5000.0 MB sa 9 Apr 26, 2016
full 0
DBA_CONTROL_20150613 150.0 MB sa 10 Apr 26, 2016
full
DBA_CONTROL_old 150.0 MB sa 11 Apr 26, 2016
full 0
DBHDD 12000.0 MB sa 4 Oct 10, 2011
full 0
DBSSD 27690.0 MB sa 7 Apr 26, 2016
full 0
master 100.0 MB sa 1 Oct 10, 2011
full 0
mda_analysis 1200.0 MB sa 17 Jul 06, 2013
full 0
model 12.0 MB sa 3 Oct 10, 2011
full 0
scratchpad 77756.0 MB sa 5 Apr 25, 2016
full 0
-- Can I use ASEIMDB with no access right given?
--
1> use ASEIMDB
2> go
Msg 10351, Level 14, State 1:
Server 'SYB_157', Line 1:
Server user id 24 is not a valid user in database 'ASEIMDB'
HTH
Dr Mich Talebzadeh
LinkedIn * https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw
<https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw>*
http://talebzadehmich.wordpress.com
On 30 May 2016 at 18:52, Lukas Lalinsky <lu...@exponea.com> wrote:
> I realize it's just a list, but it's still not something I'd expect. The
> difference compared to a normal RDBMS is that they typically have a CONNECT
> privilege, which I can use to restrict the user to connecting to other
> databases.
>
> I'm also more concerned about SHOW TABLES. It just seems strange that I
> can do this for any database:
>
> USE any_db;
> SHOW TABLES;
>
> Regards,
>
> Lukas
>
>
> On Mon, May 30, 2016 at 7:34 PM, Mich Talebzadeh <
> mich.talebzadeh@gmail.com> wrote:
>
>> the behaviour is no different from a normal RDBMS.
>>
>> show databases actually inquires Hive metadata table DBS.
>>
>> select NAME, OWNER_NAME from DBS order by 1,2;
>> NAME OWNER_NAME
>> ------------------------------ ------------------------------
>> accounts hduser
>> asehadoop hduser
>> default public
>> iqhadoop hduser
>> mytable_db hduser
>> oraclehadoop hduser
>> test hduser
>> 7 rows selected.
>>
>> However, that is just a list. It does not mean you have access rights to
>> that database.
>>
>> HTH
>>
>> Dr Mich Talebzadeh
>>
>>
>>
>> LinkedIn * https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw
>> <https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw>*
>>
>>
>>
>> http://talebzadehmich.wordpress.com
>>
>>
>>
>> On 30 May 2016 at 18:20, Lukas Lalinsky <lu...@exponea.com>
>> wrote:
>>
>>> I'm setting up a Hive instance with the SQL standard authorization and
>>> it seems to be working great for all normal operations, but for SHOW
>>> DATABASES/TABLES it's behaving differently from what I would expect.
>>>
>>> It always shows all databases/tables, even though I do not have access
>>> to those tables. Is that the intended behavior? Or is there something that
>>> can be done to filter out items which I can't access?
>>>
>>> Regards,
>>>
>>> Lukas
>>>
>>
>>
>
Re: SHOW DATABASES/TABLES with SQL standard authorization
Posted by Lukas Lalinsky <lu...@exponea.com>.
I realize it's just a list, but it's still not something I'd expect. The
difference compared to a normal RDBMS is that they typically have a CONNECT
privilege, which I can use to restrict the user to connecting to other
databases.
I'm also more concerned about SHOW TABLES. It just seems strange that I can
do this for any database:
USE any_db;
SHOW TABLES;
Regards,
Lukas
On Mon, May 30, 2016 at 7:34 PM, Mich Talebzadeh <mi...@gmail.com>
wrote:
> the behaviour is no different from a normal RDBMS.
>
> show databases actually inquires Hive metadata table DBS.
>
> select NAME, OWNER_NAME from DBS order by 1,2;
> NAME OWNER_NAME
> ------------------------------ ------------------------------
> accounts hduser
> asehadoop hduser
> default public
> iqhadoop hduser
> mytable_db hduser
> oraclehadoop hduser
> test hduser
> 7 rows selected.
>
> However, that is just a list. It does not mean you have access rights to
> that database.
>
> HTH
>
> Dr Mich Talebzadeh
>
>
>
> LinkedIn * https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw
> <https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw>*
>
>
>
> http://talebzadehmich.wordpress.com
>
>
>
> On 30 May 2016 at 18:20, Lukas Lalinsky <lu...@exponea.com>
> wrote:
>
>> I'm setting up a Hive instance with the SQL standard authorization and it
>> seems to be working great for all normal operations, but for SHOW
>> DATABASES/TABLES it's behaving differently from what I would expect.
>>
>> It always shows all databases/tables, even though I do not have access to
>> those tables. Is that the intended behavior? Or is there something that can
>> be done to filter out items which I can't access?
>>
>> Regards,
>>
>> Lukas
>>
>
>
Re: SHOW DATABASES/TABLES with SQL standard authorization
Posted by Mich Talebzadeh <mi...@gmail.com>.
the behaviour is no different from a normal RDBMS.
show databases actually inquires Hive metadata table DBS.
select NAME, OWNER_NAME from DBS order by 1,2;
NAME OWNER_NAME
------------------------------ ------------------------------
accounts hduser
asehadoop hduser
default public
iqhadoop hduser
mytable_db hduser
oraclehadoop hduser
test hduser
7 rows selected.
However, that is just a list. It does not mean you have access rights to
that database.
HTH
Dr Mich Talebzadeh
LinkedIn * https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw
<https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw>*
http://talebzadehmich.wordpress.com
On 30 May 2016 at 18:20, Lukas Lalinsky <lu...@exponea.com> wrote:
> I'm setting up a Hive instance with the SQL standard authorization and it
> seems to be working great for all normal operations, but for SHOW
> DATABASES/TABLES it's behaving differently from what I would expect.
>
> It always shows all databases/tables, even though I do not have access to
> those tables. Is that the intended behavior? Or is there something that can
> be done to filter out items which I can't access?
>
> Regards,
>
> Lukas
>