THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- Client authorization (default Hive authorization) This : This is the first and default authorization implementation. It can be enabled in hive the Hive command line or hive server2HiveServer2. However, when authorization is enabled in hive the Hive client, it can easily be disabled by the user. There is also the problem that the authorization model used by this mode is incomplete, and as a result has some serious gaps in security. For example, there is no restriction on which user can run a grant statement.
- Metastore server security (storage-based authorization): HDFS permissions provides provide access control for the data. Storage based authorization in hive the Hive metastore provides access control for the hive Hive metadata. This authorization mode provides secure authorization for hive commandline, hcatalog the Hive command line, HCatalog users such as pig Pig and mapreduceMapReduce, and hive server2 HiveServer2 users (when configured to run queries as the end user). However, the access control is at the database/table/partition level. It does not provide row or column level access control.
- SQL standards based authorization (introduced in Hive 0.13.0) Provides : Provides access control to users who run query queries via HiveServer2. It provides fine grained access control at row and column level through the use of views. It is not supported in hive commandlinethe Hive command line. Use of storage based authorization is reccomended recommended in conjunction with this mode, to provide authorization for hive commandline or hcatalog (pig/mapreduceHive command line or HCatalog (Pig/MapReduce) use cases.
Hive Client Authorization
...