[ 
https://issues.apache.org/jira/browse/RANGER-4926?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17914555#comment-17914555
 ] 

Jalpan Randeri commented on RANGER-4926:
----------------------------------------

The `Create` permission check is essential in protecting against privilege 
escalations.

 

Here’s the key issue:

If the {{Create}} permission is removed or bypassed, a user could potentially 
rename a table to one they own or one with different access control settings. 
This could effectively allow them to gain control over the table, which they 
otherwise wouldn’t be authorized to access, leading to unauthorized actions 
such as:
 * {*}Modifying Data{*}: Since the table is now under their ownership, they can 
alter its structure, add, delete, or update records.
 * {*}Access to Sensitive Information{*}: If the table contains sensitive data, 
removing the {{Create}} permission would bypass restrictions, allowing 
unauthorized users to potentially read or manipulate data that they shouldn't 
be able to access.
 * {*}Privilege Escalation{*}: The user could rename the table and manipulate 
it as though it were their own, escalating their privileges beyond what was 
originally granted.

By enforcing the {{Create}} permission, you're ensuring that the user cannot 
inadvertently or maliciously modify the access control list (ACL) of critical 
objects in the system. This kind of protection prevents scenarios where a user 
could escalate their privileges through actions like renaming, transferring, or 
reconfiguring database objects they don’t have permission to modify.

In summary, keeping the {{Create}} permission in place is a critical safeguard 
against privilege escalation.

> Alter Rename should not check for the CREATE permission on the database in 
> which renamed table is created.
> ----------------------------------------------------------------------------------------------------------
>
>                 Key: RANGER-4926
>                 URL: https://issues.apache.org/jira/browse/RANGER-4926
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: 3.0.0
>            Reporter: Ramesh Mani
>            Assignee: Ramesh Mani
>            Priority: Blocker
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)
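
An added illustration (not Ranger code and not part of the comment above) of the scenario the comment describes: when policies are matched by resource name, a rename into a database covered by a different grant changes which policy applies to the table. The users, policies and function names are constructed assumptions.

```python
from fnmatch import fnmatchcase

# Constructed policies (assumption, not Ranger's format):
# (resource pattern, user, permissions granted)
POLICIES = [
    ("finance.payroll", "alice", {"alter"}),   # alice may alter, but not read
    ("reporting.*",     "alice", {"select"}),  # broad read grant matched by name
    ("reporting",       "bob",   {"create"}),  # only bob may add tables here
]

def allowed(user, resource, perm, policies=POLICIES):
    """True if any policy whose pattern matches the resource grants perm."""
    return any(u == user and perm in perms and fnmatchcase(resource, pat)
               for pat, u, perms in policies)

def authorize_rename(user, src, dst, check_target_create=True):
    """Authorize ALTER TABLE src RENAME TO dst (both given as 'db.table')."""
    if not allowed(user, src, "alter"):
        return False
    if check_target_create:
        # The check under discussion: Create on the database receiving the table.
        target_db = dst.split(".", 1)[0]
        return allowed(user, target_db, "create")
    return True

def can_read_after_rename(user, src, dst, check_target_create):
    """Whether the user can select the data once the rename was attempted."""
    if authorize_rename(user, src, dst, check_target_create):
        return allowed(user, dst, "select")   # table now matches dst policies
    return allowed(user, src, "select")       # rename denied, name unchanged

if __name__ == "__main__":
    src, dst = "finance.payroll", "reporting.payroll"
    for check in (False, True):
        print(f"target Create check={check}: "
              f"rename={authorize_rename('alice', src, dst, check)}, "
              f"read={can_read_after_rename('alice', src, dst, check)}")
```
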
