Column level permissions was added to Hive default authorization in
HIVE-5837. That is why the TBL_COL_PRIV tables exists in the
metastore. The problem with default auth is it isn't really secure, as
anyone can grant anybody (including themselves) any privilege.
But Allen is correct that it doesn't work with the SQL Standard
Authorization added in Hive 0.14. The only method using SQL standard
auth out of the box is views. I believe using Apache Ranger (and maybe
Apache Sentry, I'm not sure) with SQL standard auth you can get column
level privileges.
Alan.
Nitin Pawar <mailto:[email protected]>
March 26, 2015 at 4:18
Column level security in hive was added at HIVE-5837
<https://issues.apache.org/jira/browse/HIVE-5837>
It has the PDF link for your readings.
https://cwiki.apache.org/confluence/display/Hive/AuthDev talks about
setting column level permissions
--
Nitin Pawar
Allen <mailto:[email protected]>
March 26, 2015 at 4:09
Thanks for your replay.
If we handle the privileges by creating views, it will lead to lots of
views in our database.
I found there is a table named TBL_COL_PRIV in hive metastore
database, maybe this table is related to column privilege,but it is
never used in hive. Anybody knew why?
--------------------------------
----- 原始邮件 -----
发件人:Daniel Haviv <[email protected]>
收件人:"[email protected]" <[email protected]>
主题:Re: how to set column level privileges
日期:2015年03月26日 18点42分
Create a view with the permitted columns and handle the privileges for it
Daniel
On 26 במרץ 2015, at 12:40, Allen <[email protected]
<mailto:[email protected]>> wrote: