Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-21849

Carry over encryption table property to derived tables

    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.0.1
    • Fix Version/s: 3.0.1
    • Component/s: HiveServer2
    • Labels:
      None
    • Target Version/s:

      Description

      HIVE-21848 proposed to have a set of table properties to configure the ORC and Parquet encryption. In the scenario of CTLT and CTAS, the new table needs to have the same encryption table properties because they have the same type of sensitive data.

      Furthermore, in the situation like 'insert into', if the source table has encrypted sensitive data but the destination doesn't have corresponding table property to define the encryption, then destination table will keep it as plaintext and hence leaks sensitive data. 

      The fix is to carry over table properties for those selected columns from the source table to the destination table. 

      The code change is working as a prototype.  I will share it out later after HIVE-21848 has an agreement in the community.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                shangx@uber.com Xinli Shang
                Reporter:
                shangx@uber.com Xinli Shang
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated: