[ https://issues.apache.org/jira/browse/TRAFODION-1243?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15150835#comment-15150835 ]
Roberta Marton commented on TRAFODION-1243: ------------------------------------------- There is an argument that when updating a column you should also have select privilege. You can create an update request that could allow someone to figure out the contents of your data. For example update a column based on a name and SSN value. Changing the priority to minor and waiting until someone requests this behavior. > LP Bug: 1457493 - UPDATE requires SELECT access > ----------------------------------------------- > > Key: TRAFODION-1243 > URL: https://issues.apache.org/jira/browse/TRAFODION-1243 > Project: Apache Trafodion > Issue Type: Bug > Components: sql-cmp > Reporter: Cliff Gray > Assignee: Roberta Marton > Priority: Minor > Fix For: 2.0-incubating > > > Granting the UPDATE privilege to a user should be sufficient for them to > update a table, but the SELECT privilege is also required. > Test case: > As DB__ROOT > INITIALIZE AUTHORIZATION; -- If not already initialized > CREATE TABLE T1 (A INT NOT NULL); > GRANT UPDATE ON T1 TO SQL_USER1; > INSERT INTO T1 VALUES(0); > As SQL_USER1 > UPDATE T1 SET A = 1; > *** ERROR[4481] The user does not have SELECT privilege on table or view > TRAFODION.SCH.T1. > The error is reported in RelRoot::checkPrivileges(), but the problem (from > privilege viewpoint) is that the stoi has select access set to true. -- This message was sent by Atlassian JIRA (v6.3.4#6332)