cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksey Yeschenko (JIRA)" <>
Subject [jira] [Commented] (CASSANDRA-8163) Complete restriction of a user to given keyspace
Date Wed, 22 Oct 2014 14:25:34 GMT


Aleksey Yeschenko commented on CASSANDRA-8163:

I know. But given how this is not a critical issue, I'd rather wait for a proper solution.

Because it's most certainly not *slightly* annoying - would need extra restrictions, and extra
filtering out the results (like removing things the client isn't supposed to see from SELECT
* FROM system.schema_keyspaces resultset).

> Complete restriction of a user to given keyspace
> ------------------------------------------------
>                 Key: CASSANDRA-8163
>                 URL:
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Vishy Kasar
> We have a cluster like this:
> project1_keyspace
> table101
> table102
> project2_keyspace
> table201
> table202
> We have set up following users and grants:
> project1_user has all access to project1_keyspace 
> project2_user has all access to project2_keyspace
> However project1_user can still do a 'describe schema' and get the schema for project2_keyspace
as well. We do not want project1_user to have any knowledge for project2 in any way (cqlsh/java-driver
etc) .

This message was sent by Atlassian JIRA

View raw message