[jira] [Commented] (HIVE-17701) Show historic queries only for admin users

Thejas M Nair (JIRA) Wed, 04 Oct 2017 17:58:24 -0700

    [ 
https://issues.apache.org/jira/browse/HIVE-17701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16192320#comment-16192320
 ]


Thejas M Nair commented on HIVE-17701:
--------------------------------------

HttpServer.hasAdministratorAccess is used by other servlets such has config 
one, to check if user has admin privileges.


> Show historic queries only for admin users
> ------------------------------------------
>
>                 Key: HIVE-17701
>                 URL: https://issues.apache.org/jira/browse/HIVE-17701
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2
>            Reporter: Thejas M Nair
>            Assignee: Tao Li
>
> The HiveServer2 Web UI (HIVE-12550) shows recently completed queries. 
> However, a user can see the queries run by other users as well, and that is a 
> security/privacy concern.
> Only admin users should be allowed to see queries from other users (similar 
> to behavior of display for configs, stack trace etc).



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (HIVE-17701) Show historic queries only for admin users

Reply via email to