rdblue commented on issue #16479: URL: https://github.com/apache/iceberg/issues/16479#issuecomment-4503631628
If I'm reading this report correctly, the attacker has access to run DDL and the impact is that the attacker can cause databases and tables to be created, but likely cannot control the content or structure of those created objects. This doesn't sound like an issue to me. It may be the wrong design choice to create catalog objects when reading, but it isn't a security vulnerability. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
