/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
- Granting SELECT privilege at the schema level provides access to all tables within the schema, including future tables.
- Attempting to restrict access to specific tables by executing REVOKE SELECT at the table level does not override the schema-level SELECT privilege.
- Users retain SELECT access to tables even after REVOKE SELECT is executed at the table level.
Read more...
Environment
SAP HANA Security & User Management
Product
SAP HANA, platform edition all versions
Keywords
sap hana, schema-level privileges, table-level revoke, additive privileges, authorization behavior, select privilege, schema grant, object revoke, deny mechanism, granular data protection, sensitive tables, compliance risks, security design, sap hana authorization concept, effective privileges, schema vs object privileges , KBA , HAN-DB-SEC , SAP HANA Security & User Management , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)