Currently one cannot grant privileges on granting, which does seem a bit limiting. This can be rationalized that hive authorization is only a deterrent against first-order mistakes and idiocy, rather than a fully functioning authorization system. This is reasonable since most of the actively malicious things one may wish to do can be done just as easily through HDFS, so it's not worth putting much effort into a system so easily circumvented. Issues such as https://issues.apache.org/jira/browse/HIVE-1943 demonstrate this as well. With hardened security now available in HDFS, it's worth revisiting and strengthening these authentication options.
-Jakob On Wed, Jul 20, 2011 at 6:03 AM, Guy Doulberg <guy.doulb...@conduit.com> wrote: > Hi, > > > > I was playing with the Hive Authorization system…. > > > > It seems to me a user can Grant himslef privileges… > > > > Can an administrator can prohibit user to grant them self privileges? > > > > Thanks > > Guy Doulberg > > > >
