https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/14072#M24264 <P>I do it with cm.</P><P><A target="_blank" href="http://www.cloudera.com/content/cloudera-content/cloudera-docs/CM5/latest/Configuring-Hadoop-Security-with-Cloudera-Manager/cm5chs_using_cm_sec_config.html">http://www.cloudera.com/content/cloudera-content/cloudera-docs/CM5/latest/Configuring-Hadoop-Security-with-Cloudera-Manager/cm5chs_using_cm_sec_config.html</A></P> Tue, 24 Jun 2014 10:15:12 GMT rube 2014-06-24T10:15:12Z https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/13860#M24262 <P>Is there a way to forbidden the user drop hive table,</P><P>If do not want the user have DDL privilege ,how to do that?</P> Fri, 16 Sep 2022 09:00:39 GMT https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/13860#M24262 rube 2022-09-16T09:00:39Z https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/13866#M24263 The recommended way to do this is to use Sentry:<BR /><BR /><A target="_blank" href="http://sentry.incubator.apache.org/">http://sentry.incubator.apache.org/</A><BR /><A target="_blank" href="http://www.cloudera.com/content/cloudera-content/cloudera-docs/CDH5/latest/CDH5-Installation-Guide/cdh5ig_sentry_installation.html">http://www.cloudera.com/content/cloudera-content/cloudera-docs/CDH5/latest/CDH5-Installation-Guide/cdh5ig_sentry_installation.html</A><BR /><BR />Romain<BR /><BR /><BR /> Fri, 20 Jun 2014 05:46:05 GMT https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/13866#M24263 Romainr 2014-06-20T05:46:05Z https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/14072#M24264 <P>I do it with cm.</P><P><A target="_blank" href="http://www.cloudera.com/content/cloudera-content/cloudera-docs/CM5/latest/Configuring-Hadoop-Security-with-Cloudera-Manager/cm5chs_using_cm_sec_config.html">http://www.cloudera.com/content/cloudera-content/cloudera-docs/CM5/latest/Configuring-Hadoop-Security-with-Cloudera-Manager/cm5chs_using_cm_sec_config.html</A></P> Tue, 24 Jun 2014 10:15:12 GMT https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/14072#M24264 rube 2014-06-24T10:15:12Z https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/14102#M24265 The correct (but more complicated way) would be to use Sentry:<BR /><A target="_blank" href="http://www.cloudera.com/content/cloudera-content/cloudera-docs/CDH4/4.5.0/CDH4-Security-Guide/cdh4sg_Sentry.html">http://www.cloudera.com/content/cloudera-content/cloudera-docs/CDH4/4.5.0/CDH4-Security-Guide/cdh4sg_Sentry.html</A><BR /><BR />The other alternative is to remove the metastore DDL permissions in the<BR />groups of your users: <A target="_blank" href="https://www.dropbox.com/s/nbv0wwpybwlsm67/hue-ddl.png,">https://www.dropbox.com/s/nbv0wwpybwlsm67/hue-ddl.png,</A><BR />but this will not secure the SQL like DROP table<BR /><BR />Romain<BR /><BR /> Tue, 24 Jun 2014 17:01:05 GMT https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/14102#M24265 Romainr 2014-06-24T17:01:05Z https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/14124#M24266 <P>Thank you very much.</P><P>It works with sentry.</P> Wed, 25 Jun 2014 01:34:18 GMT https://community.cloudera.com/t5/Support-Questions/hue-beexwax-privilege-hive-security/m-p/14124#M24266 rube 2014-06-25T01:34:18Z