[
https://issues.apache.org/jira/browse/CASSANDRA-8650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14303233#comment-14303233
]
Aleksey Yeschenko commented on CASSANDRA-8650:
----------------------------------------------
bq. It might be a good idea to split the two commits between this ticket and
7216. So if nobody objects I will re-open it, attach the second commit there
and make it dependant on this.
Makes sense to me.
The rest LGTM, conceptually. Will review once split.
> Creation and maintenance of roles should not require superuser status
> ---------------------------------------------------------------------
>
> Key: CASSANDRA-8650
> URL: https://issues.apache.org/jira/browse/CASSANDRA-8650
> Project: Cassandra
> Issue Type: Sub-task
> Components: Core
> Reporter: Sam Tunnicliffe
> Assignee: Sam Tunnicliffe
> Labels: cql, security
> Fix For: 3.0
>
> Attachments: 8650-v2.txt, 8650.txt
>
>
> Currently, only roles with superuser status are permitted to
> create/drop/grant/revoke roles, which violates the principal of least
> privilege. In addition, in order to run {{ALTER ROLE}} statements a user must
> log in directly as that role or else be a superuser. This requirement
> increases the (ab)use of superuser privileges, especially where roles are
> created without {{LOGIN}} privileges to model groups of permissions granted
> to individual db users. In this scenario, a superuser is always required if
> such roles are to be granted and modified.
> We should add more granular permissions to allow administration of roles
> without requiring superuser status.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
