Using a White List with Fallback Hive Authorizer

You can add an exception to Fallback Hive Authorizer restrictions using the hive.security.authorization.sqlstd.confwhitelist.append property.

The hive.security.authorization.sqlstd.confwhitelist property is list of comma-separated Java regexes that you can append to. Appending to this list instead of updating the original list means that you can append to the default set by SQL-standard authorization instead of replacing it entirely.

You can modify the configurations parameters that match these regexes when SQL-standard authorization is enabled.

To get the default value, use the set <param> command. The hive.conf.restricted.list checks are still enforced after the white-list check.

An example of a white-list configuration is as follows:
<property>
  <name>hive.security.authorization.sqlstd.confwhitelist.append</name>
  <value>hive.reloadable.aux.jars.path</value>
</property>
After adding this configuration to the hive-site.xml file, execute the following command:
set hive.reloadable.aux.jars.path=/path/to/jar