Hi all, I'm trying to understand the meaning of some of the privileges in the system, and I'm a bit stumped on what some of them actually do.
Privileges that confuse me: INDEX - my best guess is that this allows me to create/drop indexes on a table? Is it the case that if I have select access on a table, I can use any index that exists on a table? LOCK - Presumably this allows users to lock or unlock a table, so maybe a better question is: are these locks like mutexes, where only I can access the table, or is this literally locking down the table, so it can't be modified in any way? SHOW_DATABASE - I'm not sure what the scope of this one is: if I don't have show_database access, can I not use the show database command? Or does this extend to not being able to see the tables within a database? It seems like you can grant some privileges on objects that don't have a lot of meaning, i.e. create access on a table doesn't seem to have a lot of semantic value, unless Hive requires that permission to create indexes on a table, or something along those lines. Similarly, I'm having a hard time rationalizing why I can grant SHOW_DATABASE on a table. Thanks a lot, Jon
