You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafodion.apache.org by "Hans Zeller (JIRA)" <ji...@apache.org> on 2017/03/28 20:50:41 UTC

[jira] [Created] (TRAFODION-2555) Document security implications of UDRs more clearly

Hans Zeller created TRAFODION-2555:
--------------------------------------

             Summary: Document security implications of UDRs more clearly
                 Key: TRAFODION-2555
                 URL: https://issues.apache.org/jira/browse/TRAFODION-2555
             Project: Apache Trafodion
          Issue Type: Bug
            Reporter: Hans Zeller
            Assignee: Hans Zeller


Right now, our manuals don't make it clear enough that Trafodion UDRs (User-defined Routines, that is a general term for UDFs and stored procedures) are "trusted". "Trusted" in this context means that they run as the Trafodion user id and therefore the code can bypass any security check and access any data stored in the Trafodion cluster. This is similar to trusted UDRs in other database systems like Oracle or DB2. Trafodion currently does not support the "isolated" flavor (called "fenced" in DB2). We need to add this information to the documentation we have.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)