You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Ramesh Mani (JIRA)" <ji...@apache.org> on 2014/10/16 00:59:34 UTC
[jira] [Commented] (ARGUS-114) Argus Hive authorization to support
HiveServe2 only (and not HiveCLI)
[ https://issues.apache.org/jira/browse/ARGUS-114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14173109#comment-14173109 ]
Ramesh Mani commented on ARGUS-114:
-----------------------------------
Commit link
https://git-wip-us.apache.org/repos/asf?p=incubator-argus.git;a=commit;h=47987b48
> Argus Hive authorization to support HiveServe2 only (and not HiveCLI)
> ---------------------------------------------------------------------
>
> Key: ARGUS-114
> URL: https://issues.apache.org/jira/browse/ARGUS-114
> Project: Argus
> Issue Type: Bug
> Affects Versions: 0.4.0
> Reporter: Madhan Neethiraj
> Assignee: Ramesh Mani
> Fix For: 0.4.0
>
> Attachments: Argus114.patch
>
>
> Currently Argus supports Hive authorization for both Hive CLI and HiveServer2. Hive CLI comes with a loophole where users can potentially access metastore and Argus config, giving them access to sensitive data such as Argus audit database.
> Moving forward, Argus should only support HiveServer2 for Hive authorization. Users accessing Hive CLI are protected through permissions at HDFS for folder/files corresponding to the Hive tables.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)