rdblue commented on issue #16465: URL: https://github.com/apache/iceberg/issues/16465#issuecomment-4503087621
This requires trusting a malicious catalog, so this is not exploitable and urgent. My understanding is that the Key Vault service uses bearer tokens so this would allow an attacker to exfiltrate the client's ambient authentication token. This doesn't fit with the REST catalog model, where the ability to interact with a table is delegated from the service (which in this case is attacker-controlled) to the client. But in cases where the client has configured credentials for this service, we could address it by configuring the client to use only credentials provided by the catalog. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
