See https://issues.apache.org/jira/browse/HIVE-5837 for a JIRA addressing this.
Also, you can use the StorageBasedAuthorizationProvider in Hive, which bases metadata security on file security. So if the user doesn't have permissions to remove the directory that stores the table data, they won't have permissions to drop the table. This isn't perfect, but it's a start. Alan. On Nov 22, 2013, at 11:49 AM, <simon.2.thomp...@bt.com> <simon.2.thomp...@bt.com> wrote: > Has no one raised a Jira ticket ? > > ---- > Dr. Simon Thompson > > ________________________________________ > From: Biswajit Nayak [biswajit.na...@inmobi.com] > Sent: 22 November 2013 19:45 > To: user@hive.apache.org > Subject: Re: How to prevent user drop table in Hive metadata? > > Hi Echo, > > I dont think there is any to prevent this. I had the same concern in hbase, > but found out that it is assumed that user using the system are very much > aware of it. I am into hive from last 3 months, was looking for some kind of > way here, but no luck till now.. > > Thanks > Biswa > > On 23 Nov 2013 01:06, "Echo Li" <echo...@gmail.com<mailto:echo...@gmail.com>> > wrote: > Good Friday! > > I was trying to apply certain level of security in our hive data warehouse, > by modifying access mode of directories and files on hdfs to 755 I think it's > good enough for a new user to remove data, however the user still can drop > the table definition in hive cli, seems the "revoke" doesn't help much, is > there any way to prevent this? > > > Thanks, > Echo > > _____________________________________________________________ > The information contained in this communication is intended solely for the > use of the individual or entity to whom it is addressed and others authorized > to receive it. It may contain confidential or legally privileged information. > If you are not the intended recipient you are hereby notified that any > disclosure, copying, distribution or taking any action in reliance on the > contents of this information is strictly prohibited and may be unlawful. If > you have received this communication in error, please notify us immediately > by responding to this email and then delete it from your system. The firm is > neither liable for the proper and complete transmission of the information > contained in this communication nor for any delay in its receipt. -- CONFIDENTIALITY NOTICE NOTICE: This message is intended for the use of the individual or entity to which it is addressed and may contain information that is confidential, privileged and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any printing, copying, dissemination, distribution, disclosure or forwarding of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and delete it from your system. Thank You.
