Gao, Rui-Xian created TRAFODION-2244:
----------------------------------------
Summary: a user who has been granted drop_table privilege can
cleanup any object
Key: TRAFODION-2244
URL: https://issues.apache.org/jira/browse/TRAFODION-2244
Project: Apache Trafodion
Issue Type: Bug
Components: sql-security
Environment: cdh5.4.8
centos6.7
Reporter: Gao, Rui-Xian
Assignee: Roberta Marton
a user who has been granted drop_table privilege can cleanup any object that he
doesn't have privileges to drop.
connect as testuser1:
create schema testuser1_sch;
set schema testuser1_sch;
create table t5( a int, b int);
create view v5 as select * from t5;
create index idx5 on t5(a);
connect as DB__ROOT -
grant component privilege DROP_TABLE on sql_operations to testuser2;
connect as testuser2 -
SQL> cleanup table t5;
--- SQL operation complete.
SQL>cleanup object v5;
--- SQL operation complete.
SQL>cleanup index idx5;
--- SQL operation complete.
SQL>cleanup schema testuser1_sch;
--- SQL operation complete.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
