You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by "Brock Noland (JIRA)" <ji...@apache.org> on 2014/03/12 14:55:42 UTC
[jira] [Updated] (HIVE-6629) Discuss SET ROLE NONE
[ https://issues.apache.org/jira/browse/HIVE-6629?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brock Noland updated HIVE-6629:
-------------------------------
Description:
I understand this is well after it's been implemented. However, I think we need to discuss the counter-intuitive SET ROLE semantics before we release 0.13.
The new Hive Authz work implements "SET ROLE NONE" similar to MySQL meaning that "SET ROLE NONE" actually sets your role to the default. This is extremely counter-intuitive.
* [Oracle|http://docs.oracle.com/cd/B19306_01/server.102/b14200/statements_10004.htm]
* [Informix|http://pic.dhe.ibm.com/infocenter/idshelp/v117/index.jsp?topic=%2Fcom.ibm.sqls.doc%2Fids_sqs_1186.htm]
* [Vertica|https://my.vertica.com/docs/5.1.6/HTML/index.htm#15645.htm]
* [SAP|http://www.sapdb.org/htmhelp/44/a17998442911d3a98200a0c9449261/content.htm]
All of the widely deployed databases have "SET ROLE NONE" disable all privileges. Those databases have the intuitive "SET ROLE ALL" or "SET ROLE DEFAULT" enable all privileges.
was:
I understand this is well after it's been implemented. However, I think we need to discuss the counter-intuitive SET ROLE syntax before we release 0.13.
The new Hive Authz work implements "SET ROLE NONE" similar to MySQL meaning that "SET ROLE NONE" actually sets your role to the default. This is extremely counter-intuitive.
* [Oracle|http://docs.oracle.com/cd/B19306_01/server.102/b14200/statements_10004.htm]
* [Informix|http://pic.dhe.ibm.com/infocenter/idshelp/v117/index.jsp?topic=%2Fcom.ibm.sqls.doc%2Fids_sqs_1186.htm]
* [Vertica|https://my.vertica.com/docs/5.1.6/HTML/index.htm#15645.htm]
* [SAP|http://www.sapdb.org/htmhelp/44/a17998442911d3a98200a0c9449261/content.htm]
All of the widely deployed databases have "SET ROLE NONE" disable all privileges. Those databases have the intuitive "SET ROLE ALL" or "SET ROLE DEFAULT" enable all privileges.
> Discuss SET ROLE NONE
> ---------------------
>
> Key: HIVE-6629
> URL: https://issues.apache.org/jira/browse/HIVE-6629
> Project: Hive
> Issue Type: Task
> Affects Versions: 0.13.0
> Reporter: Brock Noland
> Priority: Blocker
> Fix For: 0.13.0
>
>
> I understand this is well after it's been implemented. However, I think we need to discuss the counter-intuitive SET ROLE semantics before we release 0.13.
> The new Hive Authz work implements "SET ROLE NONE" similar to MySQL meaning that "SET ROLE NONE" actually sets your role to the default. This is extremely counter-intuitive.
> * [Oracle|http://docs.oracle.com/cd/B19306_01/server.102/b14200/statements_10004.htm]
> * [Informix|http://pic.dhe.ibm.com/infocenter/idshelp/v117/index.jsp?topic=%2Fcom.ibm.sqls.doc%2Fids_sqs_1186.htm]
> * [Vertica|https://my.vertica.com/docs/5.1.6/HTML/index.htm#15645.htm]
> * [SAP|http://www.sapdb.org/htmhelp/44/a17998442911d3a98200a0c9449261/content.htm]
> All of the widely deployed databases have "SET ROLE NONE" disable all privileges. Those databases have the intuitive "SET ROLE ALL" or "SET ROLE DEFAULT" enable all privileges.
--
This message was sent by Atlassian JIRA
(v6.2#6252)