[
https://issues.apache.org/jira/browse/RANGER-3985?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17638631#comment-17638631
]
Jonas Hartwig commented on RANGER-3985:
---------------------------------------
Here is a proposal: https://github.com/apache/ranger/pull/191
> Trino plugin: Check table name when creating tables
> ---------------------------------------------------
>
> Key: RANGER-3985
> URL: https://issues.apache.org/jira/browse/RANGER-3985
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
> Affects Versions: 2.3.0
> Reporter: Jonas Hartwig
> Priority: Major
> Fix For: 2.4.0
>
>
> The ranger rules to create tables in Trino currently check schema level to
> create.
> If this is set, anyone can create any table/view. There is no way to limit
> the naming of tables.
> However e.g. drop, alter rights are granted on table level. So user might
> create any table, but not remove them.
> To allow a more strict implementation view/table creation should verify table
> name as well.
> In that case the previous behaviour can be created by adding a rule to allow
> create on catalog/schema/*.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
