[ https://issues.apache.org/jira/browse/HIVE-6629?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13931845#comment-13931845 ]
Brock Noland commented on HIVE-6629: ------------------------------------ bq. I am fine changing the action of "set role none" to be specified by "set role all". It might also make sense to reserve the use of "default" role for future. This makes sense to me. Unless there is disagreement in the new couple hours I'll go ahead and create a patch to that effect. > Discuss SET ROLE NONE > --------------------- > > Key: HIVE-6629 > URL: https://issues.apache.org/jira/browse/HIVE-6629 > Project: Hive > Issue Type: Task > Affects Versions: 0.13.0 > Reporter: Brock Noland > Priority: Blocker > Fix For: 0.13.0 > > > I understand this is well after it's been implemented. However, I think we > need to discuss the counter-intuitive SET ROLE semantics before we release > 0.13. > The new Hive Authz work implements "SET ROLE NONE" similar to MySQL meaning > that "SET ROLE NONE" actually sets your role to the default. This is > extremely counter-intuitive. > * > [Oracle|http://docs.oracle.com/cd/B19306_01/server.102/b14200/statements_10004.htm] > > * > [Informix|http://pic.dhe.ibm.com/infocenter/idshelp/v117/index.jsp?topic=%2Fcom.ibm.sqls.doc%2Fids_sqs_1186.htm] > * [Vertica|https://my.vertica.com/docs/5.1.6/HTML/index.htm#15645.htm] > * > [SAP|http://www.sapdb.org/htmhelp/44/a17998442911d3a98200a0c9449261/content.htm] > All of the widely deployed databases above have "SET ROLE NONE" disable all > privileges. Those databases have the intuitive "SET ROLE ALL" or "SET ROLE > DEFAULT" enable all privileges. -- This message was sent by Atlassian JIRA (v6.2#6252)