Sai Hemanth Gantasala created HIVE-26799:
--------------------------------------------
Summary: Make authorizations on custom UDFs involved in tables/view configurable.
Key: HIVE-26799
URL: https://issues.apache.org/jira/browse/HIVE-26799
Project: Hive
Issue Type: New Feature
Components: HiveServer2, Security
Affects Versions: 4.0.0-alpha-2
Reporter: Sai Hemanth Gantasala
Assignee: Sai Hemanth Gantasala
When Hive is using Ranger/Sentry as an authorization service, consider the
following scenario.
{code:java}
> create table test_udf(st string); // privileged user operation
> create function Udf_UPPER as 'openkb.hive.udf.MyUpper' using jar 'hdfs:///tmp/MyUpperUDF-1.0.0.jar'; // privileged user operation
> create view v1_udf as select udf_upper(st) from test_udf; // privileged user operation
// unprivileged user test_user is given select permissions on view v1_udf
> select * from v1_udf;
{code}
It is expected that test_user needs to have select privilege on v1_udf and
select permissions on the udf_upper custom UDF in order to do a select query on
the view.
This patch introduces a configuration
"hive.security.authorization.functions.in.view"=false which disables
authorization on views associated with views/tables during the select query. In
this mode, only UDFs explicitly stated in the query would still be authorized
as it is currently.
The reason for making these custom UDFs associated with view/tables
authorizable is that currently, test_user will need to be granted select
permissions on the custom UDF, and the test_user can use this UDF and query
against any other table, which is a security concern.
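The two modes described in the issue, as an added example: a simplified model of the authorization decision, not code from Hive, Ranger, Sentry or the patch. The table other_tbl, the grant set, treating a missing key as true, and checking only the view (not its base table) are assumptions made for illustration.

```python
# Simplified model of the authorization decision; not Hive, Ranger or Sentry code.
from dataclasses import dataclass

FUNCTIONS_IN_VIEW = "hive.security.authorization.functions.in.view"  # key from the issue

@dataclass(frozen=True)
class View:
    name: str
    udfs: frozenset  # UDFs referenced inside the view definition

def required_privileges(objects, explicit_udfs, views, conf):
    """Return the (kind, name) pairs the querying user needs SELECT on.

    objects:       tables/views named in the query text
    explicit_udfs: UDFs written in the query text itself
    conf:          dict of settings; a missing key is treated as true (assumption)
    """
    check_view_udfs = conf.get(FUNCTIONS_IN_VIEW, "true").lower() == "true"
    required = {("function", u.lower()) for u in explicit_udfs}  # always checked
    for name in objects:
        view = views.get(name)
        if view is None:
            required.add(("table", name))
            continue
        required.add(("view", name))
        if check_view_udfs:  # UDFs pulled in by expanding the view
            required |= {("function", u.lower()) for u in view.udfs}
    return required

def authorized(grants, required):
    """A query is allowed only if every required privilege has been granted."""
    return required <= grants

def scenario():
    """Replay the issue's example for test_user under both settings."""
    views = {"v1_udf": View("v1_udf", frozenset({"udf_upper"}))}
    grants = {("view", "v1_udf"), ("table", "other_tbl")}  # constructed grants
    results = {}
    for value in ("true", "false"):
        conf = {FUNCTIONS_IN_VIEW: value}
        view_q = required_privileges(["v1_udf"], [], views, conf)
        # test_user calling the UDF directly on a table the view never covered
        direct_q = required_privileges(["other_tbl"], ["udf_upper"], views, conf)
        results[value] = (authorized(grants, view_q), authorized(grants, direct_q))
    return results

if __name__ == "__main__":
    print(scenario())  # (view query allowed?, direct UDF query allowed?) per setting
```

With the setting false, the view query succeeds on the view grant alone while a direct call to udf_upper on another table is still refused. With it true, the view query only succeeds once test_user is granted the function, which also opens the direct call.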