rdblue commented on issue #16466: URL: https://github.com/apache/iceberg/issues/16466#issuecomment-4503130891
I think that this report relies on an attacker that has the ability to create or modify a table in the BigQuery metastore. Then this will lead to BigQuery vending credentials. The result appears to be either that anyone with the ability to load the table will be able to use the vended credentials, or that dropping the table will cause either the client or BigQuery to delete data.

The attack surface area appears to be entirely within BigQuery, which I would expect to enforce privileges to lock down who can alter `metadata_location` and to validate the metadata that is set. Catalogs also typically associate storage locations with tables and only vend credentials for those locations, which prevents attacks like this from succeeding because the credential doesn't have access to read or delete the arbitrary locations that the attacker pointed metadata to.

There are quite a few concerns over how BigQuery may or may not function, but I don't think any of these are real issues with the Iceberg client. These are design concerns for the catalog. I'm going to close this because Iceberg is not the right place to ask these questions.
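Added example, not part of the comment above and not Iceberg or BigQuery code: a sketch of the catalog-side control the comment describes, where `metadata_location` is validated against the table's registered storage location and vended credentials are scoped to that registration only. The function names, bucket names and paths are hypothetical.

```python
# Added illustration: a hypothetical catalog-side check, not Iceberg or BigQuery code.
from urllib.parse import unquote, urlsplit


def _split(uri):
    """Return (scheme, bucket, path segments); raise ValueError on anything ambiguous."""
    parts = urlsplit(uri)
    if not parts.scheme or not parts.netloc or parts.query or parts.fragment:
        raise ValueError(f"not a plain absolute object-store URI: {uri!r}")
    segments = [s for s in parts.path.split("/") if s]
    # Refuse dot segments, literal or percent-encoded, instead of resolving them.
    if any(unquote(s) in (".", "..") for s in segments):
        raise ValueError(f"dot segment in {uri!r}")
    return parts.scheme, parts.netloc, segments


def is_within(registered_location, candidate):
    """True only if candidate lies strictly under the table's registered location."""
    try:
        scheme, bucket, base = _split(registered_location)
        c_scheme, c_bucket, path = _split(candidate)
    except ValueError:
        return False
    # Compare whole segments so "orders-archive" never matches the prefix "orders".
    same_store = (scheme, bucket) == (c_scheme, c_bucket)
    return same_store and len(path) > len(base) and path[:len(base)] == base


def credential_scope(registered_location, metadata_location):
    """Prefix to vend credentials for: taken from the registration, never the pointer."""
    if not is_within(registered_location, metadata_location):
        raise PermissionError("metadata_location is outside the table's registered location")
    return registered_location.rstrip("/") + "/"


# Constructed sample values (hypothetical bucket and table paths).
REGISTERED = "gs://warehouse-bucket/db/orders"
INSIDE = "gs://warehouse-bucket/db/orders/metadata/v3.metadata.json"
SIBLING = "gs://warehouse-bucket/db/orders-archive/metadata/v1.metadata.json"
OTHER_BUCKET = "gs://other-bucket/db/orders/metadata/v1.metadata.json"
TRAVERSAL = "gs://warehouse-bucket/db/orders/../payroll/metadata/v1.metadata.json"
ENCODED = "gs://warehouse-bucket/db/orders/%2e%2e/payroll/metadata/v1.metadata.json"
```
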
