Posted to issues@trafodion.apache.org by "Roberta Marton (JIRA)" <ji...@apache.org> on 2015/10/17 00:51:05 UTC

[jira] [Closed] (TRAFODION-1200) LP Bug: 1447336 - DB__ROOTROLE not equivalent to DB__ROOT

     [ https://issues.apache.org/jira/browse/TRAFODION-1200?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Roberta Marton closed TRAFODION-1200.
-------------------------------------
    Resolution: Fixed

Fixed as part of pull request #69

> LP Bug: 1447336 - DB__ROOTROLE not equivalent to DB__ROOT
> ---------------------------------------------------------
>
>                 Key: TRAFODION-1200
>                 URL: https://issues.apache.org/jira/browse/TRAFODION-1200
>             Project: Apache Trafodion
>          Issue Type: Bug
>          Components: sql-security
>            Reporter: Cliff Gray
>            Assignee: Roberta Marton
>            Priority: Critical
>             Fix For: 2.0-incubating
>
>
> The intent of DB__ROOTROLE is to grant DB__ROOT authority to non-anonymous users.  There are several operations an administrator may need to perform that cannot be granted to DB__ROOTROLE (or any role or user) and therefore DB__ROOT is required.
> 1. DML Privileges
> DB__ROOT can select from, insert into, update, reference, etc.  for any object.  Need to be able to grant DML privileges at the system level.  Component privileges for each DML privilege, and corresponding WITH GRANT OPTION privilege are required.
> 2. Revoking existing grants
> Bug 1447330 describes this problem for object and column grants and 1447328 describes the problem for component (system) grants.  When schema privileges are added, a method needs to be provided for non-DB__ROOT users to revoke schema grants as well.
> 3. Grant privileges
> There needs to be a method for non-DB__ROOT users to grant privileges at the system (component), schema, object, and column levels.  This includes both DDL and DML privileges as applicable.  Related, there needs to be a method to grant privileges on behalf of a specific user or role.


