Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-116

Modify DB permissions for xalogger/xaadmin user accounts

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.4.0
    • Component/s: None
    • Labels:
      None

      Description

      The default permissions granted to the database users appear to be higher than necessary. The user for the audit log 'xalogger' has full access to all tables in all databases, even ones not related to xasecure. This could raise concerns in a shared environment.

      Permissions should be restricted to only allow what is required. xalogger user should have only insert privileges in only xa_access_audit table. xaadmin user need select privilege on xa_access_audit table. xaadmin user should have privileges only on xasecure and xasecure_audit databases.

        Attachments

          Activity

            People

            • Assignee:
              vel Velmurugan Periasamy
              Reporter:
              vel Velmurugan Periasamy
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: