[
https://issues.apache.org/jira/browse/HIVE-5400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13822159#comment-13822159
]
Lefty Leverenz commented on HIVE-5400:
--------------------------------------
Got it, thanks [~thejas]. I'll add hive.security.command.whitelist to the
Configuration Properties doc in the
[Authentication/Authorization|https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-Authentication%2FAuthorization]
section.
Does it belong in the subsection "Hive Client Security" or does it also apply
to metastore security (in which case it could have a new subsection, perhaps at
the beginning of Authentication/Authorization)?
> Allow admins to disable compile and other commands
> --------------------------------------------------
>
> Key: HIVE-5400
> URL: https://issues.apache.org/jira/browse/HIVE-5400
> Project: Hive
> Issue Type: Sub-task
> Reporter: Brock Noland
> Assignee: Brock Noland
> Fix For: 0.13.0
>
> Attachments: HIVE-5400.patch, HIVE-5400.patch, HIVE-5400.patch
>
>
> From here:
> https://issues.apache.org/jira/browse/HIVE-5253?focusedCommentId=13782220&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13782220
> I think we should afford admins who want to disable this functionality the
> ability to do so. Since such admins might want to disable other commands such
> as add or dfs, it wouldn't be much trouble to allow them to do this as well.
> For example we could have a configuration option "hive.available.commands"
> (or similar) which specified add,set,delete,reset, etc by default. Then check
> this value in CommandProcessorFactory. It would probably make sense to add
> this property to the restrict list.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
