This is the default authorization mode in Hive, providing column- and row-level authorization through HQL statements. However, it is not a completely secure authorization mode and has a couple of limitations. It can be mainly used to prevent good users from accidentally doing bad things rather than preventing malicious user operations. In order to enable legacy authorization mode, we need to set the following properties in hive-site.xml:

<property>
<name>hive.security.authorization.enabled</name>
<value>true</value>
<description>enables or disable the hive client authorization
</description>
</property>

<property>
<name>hive.security.authorization.createtable.owner.grants</name>
<value>ALL</value>
<description>the privileges automatically granted to the owner whenever a table gets created. An example like "select, drop" will grant select and drop privilege to the owner of the table.
</description>
</property>

Since this is not a secure authorization mode, we will not discuss it in any more detail here. For more HQL support in legacy authorization mode, please refer to the Hive wiki at https://cwiki.apache.org/confluence/display/Hive/Hive+Default+Authorization+-+Legacy+Mode.