• evgen@sunlight.local's avatar
    Bug#29908: A user can gain additional access through the ALTER VIEW. · ef75db8c
    evgen@sunlight.local authored
    Non-definer of a view was allowed to alter that view. Due to this the alterer
    can elevate his access rights to access rights of the view definer and thus
    modify data which he wasn't allowed to modify. A view defined with
    SQL SECURITY INVOKER can't be used directly for access rights elevation.
    But a user can first alter the view SQL code and then alter the view to 
    SQL SECURITY DEFINER and thus elevate his access rights. Due to this
    altering a view with SQL SECURITY INVOKER is also prohibited.
    
    Now the mysql_create_view function allows ALTER VIEW only to the view
    definer or a super user. 
    ef75db8c
sql_view.cc 53.7 KB