You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Ramesh Mani (JIRA)" <ji...@apache.org> on 2014/10/16 00:59:34 UTC

[jira] [Commented] (ARGUS-114) Argus Hive authorization to support HiveServe2 only (and not HiveCLI)

    [ https://issues.apache.org/jira/browse/ARGUS-114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14173109#comment-14173109 ] 

Ramesh Mani commented on ARGUS-114:
-----------------------------------

Commit link
https://git-wip-us.apache.org/repos/asf?p=incubator-argus.git;a=commit;h=47987b48

> Argus Hive authorization to support HiveServe2 only (and not HiveCLI)
> ---------------------------------------------------------------------
>
>                 Key: ARGUS-114
>                 URL: https://issues.apache.org/jira/browse/ARGUS-114
>             Project: Argus
>          Issue Type: Bug
>    Affects Versions: 0.4.0
>            Reporter: Madhan Neethiraj
>            Assignee: Ramesh Mani
>             Fix For: 0.4.0
>
>         Attachments: Argus114.patch
>
>
> Currently Argus supports Hive authorization for both Hive CLI and HiveServer2. Hive CLI comes with a loophole where users can potentially access metastore and Argus config, giving them access to sensitive data such as Argus audit database.
> Moving forward, Argus should only support HiveServer2 for Hive authorization. Users accessing Hive CLI are protected through permissions at HDFS for folder/files corresponding to the Hive tables.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)