You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Alok Lal (JIRA)" <ji...@apache.org> on 2015/12/01 08:17:10 UTC

[jira] [Updated] (RANGER-738) Server-wide control over TRANSFORM clause in Hive

     [ https://issues.apache.org/jira/browse/RANGER-738?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alok Lal updated RANGER-738:
----------------------------
    Summary: Server-wide control over TRANSFORM clause in Hive  (was: Server-wide control over TRANFORM clause in Hive)

> Server-wide control over TRANSFORM clause in Hive
> -------------------------------------------------
>
>                 Key: RANGER-738
>                 URL: https://issues.apache.org/jira/browse/RANGER-738
>             Project: Ranger
>          Issue Type: New Feature
>          Components: plugins
>            Reporter: Scott C Gray
>              Labels: features, security
>
> The TRANFORM statement in Hive is a big security hole with Hive run without impersonation, so when SQL Standard Authorization is enabled, the feature id completely disabled which is a bit of a sledgehammer approach to securing this statement.
> Sentry added support for restricting this statement at a per-user/group level, which should be adopted by Ranger.
> https://issues.apache.org/jira/browse/SENTRY-598



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)