Commit af1b3da5 authored by unknown's avatar unknown

Bug#17254: Error for DEFINER security on VIEW provides too much info

If a view was created with the DEFINER security and later the definer user
was dropped then a SELECT from the view throws the error message saying that
there is no definer user is registered. This is ok for a root but too much
for a mere user.

Now the st_table_list::prepare_view_securety_context() function reveals
the absence of the definer only to a superuser and throws the 'access denied'
error to others.


mysql-test/t/view_grant.test:
  Added a test case for bug#17254: Error for DEFINER security on VIEW provides too much info
mysql-test/r/view_grant.result:
  Added a test case for bug#17254: Error for DEFINER security on VIEW provides too much info
sql/table.cc:
  Bug#17254: Error for DEFINER security on VIEW provides too much info
  Now the st_table_list::prepare_view_securety_context() function reveals
  the absence of the definer only to a superuser and throws the 'access denied'
  error to others.
parent c0f63d85
...@@ -712,3 +712,23 @@ DROP FUNCTION f1; ...@@ -712,3 +712,23 @@ DROP FUNCTION f1;
DROP VIEW v2; DROP VIEW v2;
DROP VIEW v1; DROP VIEW v1;
DROP USER mysqltest_u1@localhost; DROP USER mysqltest_u1@localhost;
CREATE DATABASE db17254;
USE db17254;
CREATE TABLE t1 (f1 INT);
INSERT INTO t1 VALUES (10),(20);
CREATE USER def_17254@localhost;
GRANT SELECT ON db17254.* TO def_17254@localhost;
CREATE USER inv_17254@localhost;
GRANT SELECT ON db17254.t1 TO inv_17254@localhost;
GRANT CREATE VIEW ON db17254.* TO def_17254@localhost;
CREATE VIEW v1 AS SELECT * FROM t1;
DROP USER def_17254@localhost;
for a user
SELECT * FROM v1;
ERROR 42000: SELECT command denied to user 'inv_17254'@'localhost' for table 'v1
'
for a superuser
SELECT * FROM v1;
ERROR HY000: There is no 'def_17254'@'localhost' registered
DROP USER inv_17254@localhost;
DROP DATABASE db17254;
...@@ -927,4 +927,41 @@ DROP VIEW v2; ...@@ -927,4 +927,41 @@ DROP VIEW v2;
DROP VIEW v1; DROP VIEW v1;
DROP USER mysqltest_u1@localhost; DROP USER mysqltest_u1@localhost;
#
# Bug#17254: Error for DEFINER security on VIEW provides too much info
#
connect (root,localhost,root,,);
connection root;
CREATE DATABASE db17254;
USE db17254;
CREATE TABLE t1 (f1 INT);
INSERT INTO t1 VALUES (10),(20);
CREATE USER def_17254@localhost;
GRANT SELECT ON db17254.* TO def_17254@localhost;
CREATE USER inv_17254@localhost;
GRANT SELECT ON db17254.t1 TO inv_17254@localhost;
GRANT CREATE VIEW ON db17254.* TO def_17254@localhost;
connect (def,localhost,def_17254,,db17254);
connection def;
CREATE VIEW v1 AS SELECT * FROM t1;
connection root;
DROP USER def_17254@localhost;
connect (inv,localhost,inv_17254,,db17254);
connection inv;
--echo for a user
--error 1142
SELECT * FROM v1;
connection root;
--echo for a superuser
--error 1449
SELECT * FROM v1;
DROP USER inv_17254@localhost;
DROP DATABASE db17254;
disconnect def;
disconnect inv;
# End of 5.0 tests. # End of 5.0 tests.
...@@ -2457,8 +2457,19 @@ bool st_table_list::prepare_view_securety_context(THD *thd) ...@@ -2457,8 +2457,19 @@ bool st_table_list::prepare_view_securety_context(THD *thd)
definer.user.str, definer.host.str); definer.user.str, definer.host.str);
} }
else else
{
if (thd->security_ctx->master_access & SUPER_ACL)
{ {
my_error(ER_NO_SUCH_USER, MYF(0), definer.user.str, definer.host.str); my_error(ER_NO_SUCH_USER, MYF(0), definer.user.str, definer.host.str);
}
else
{
my_error(ER_ACCESS_DENIED_ERROR, MYF(0),
thd->security_ctx->priv_user,
thd->security_ctx->priv_host,
(thd->password ? ER(ER_YES) : ER(ER_NO)));
}
DBUG_RETURN(TRUE); DBUG_RETURN(TRUE);
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment