[ https://issues.apache.org/jira/browse/TRAFODION-1882?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15380333#comment-15380333 ]
Roberta Marton commented on TRAFODION-1882: ------------------------------------------- The column privilege check code was not looking at the column ordinal during the WGO check. > Column Privilege: a user can grant column privilege to others when the user > doesn't have privilege on the column > ---------------------------------------------------------------------------------------------------------------- > > Key: TRAFODION-1882 > URL: https://issues.apache.org/jira/browse/TRAFODION-1882 > Project: Apache Trafodion > Issue Type: Bug > Components: sql-security > Reporter: Gao, Rui-Xian > Assignee: Roberta Marton > > dbroot: > SQL> grant select(a), delete,insert(a), update(a) on t1 to user2 with > grant option; > --- SQL operation complete. > > User2: > qi_mxci2> set schema my_sec_test; > --- SQL operation complete. > > qi_mxci2> grant select(a), delete on t1 to user5; > --- SQL operation complete. > > qi_mxci2> grant select(b) on t1 to user5; > --- SQL operation complete. > user2 doesn’t have select privilege on column b but can grant the privilege > to other user. It should get ERROR[4481] here. -- This message was sent by Atlassian JIRA (v6.3.4#6332)