ctubbsii commented on PR #5699: URL: https://github.com/apache/accumulo/pull/5699#issuecomment-3033296795
The intended behavior is that the root user (or any user granted "SYSTEM" permission does not automatically get additional privileges to read/write/alter user tables). This follows the principle of least privilege, where the root user (or a delegated user with "SYSTEM" permission) has permissions to administer the system, but does not automatically have permission to do things to user data. As a privileged user, the root user (or delegate) can grant themselves permissions, but that is intentionally a second step. This limits the harm a privileged user can do unintentionally to user data. This follows conventions in traditional RDBMS systems where the root/system user does not automatically have read/write/alter table permissions for a user's table in a database. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@accumulo.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
