Complementary article to Hive CLI security to clarify the risk of using Hive CLI. Hive CLI ( or Hive shell ) is not recommended and Apache asked users to move to Beeline even if it's still supported by Hortonworks ( HDP2.6 )
Ranger Hive plugin does not enforce permissions for Hive CLI users however it doesn’t bypass systematically
“All” Ranger policies, it bypass only hive policies.
This risk is therefore for all hive managed tables. ( ones under
All external DB/Tables will still be protected by HDFS policies.