[
https://issues.apache.org/jira/browse/PIG-987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12761365#action_12761365
]
Yan Zhou commented on PIG-987:
------------------------------
During STORE, the storage hint is enhanced to take a new "secure by" section,
e.g.,
[c1,c2] secure by group:secure perm:640
meaning the column group of columns "c1" and "c2" will belong to group "secure"
with file permission octal value of 0640 which, in turn, means read+write for
user, read for group and non for others.
After Zebra table creation, all files and directories inside the secured column
group will have the same permision and group membership within the table.
If a column group is not secured, the default behavoir is determined by the
HADOOP MAP/REDUCE default permision and group membership set upon the new
files and directories.
> Zebra Column Group Access Control
> ---------------------------------
>
> Key: PIG-987
> URL: https://issues.apache.org/jira/browse/PIG-987
> Project: Pig
> Issue Type: New Feature
> Affects Versions: 0.6.0
> Reporter: Yan Zhou
> Assignee: Yan Zhou
> Attachments: ColumnGroupSecurity.patch
>
>
> Access Control: when processes try to read from the column groups, Zebra
> should be able to handle allowed vs. disallowed user/application accesses.
> Expected behavior when column group permissions are set:
> When user selects only columns that they do not have permissions to
> access, Zebra should return error with message "Error #: Permission denied
> for accessing column <column name or names>
> Access control applies to an entire column group, so all columns in a column
> group have same permissions.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
