Commit c655515d authored by V S Murthy Sidagam's avatar V S Murthy Sidagam

Bug #20683237 BACKPORT 19817663 TO 5.1 and 5.5

Restrict when user table hashes can be viewed. Require SUPER privileges.
parent eb79ead4
......@@ -18,7 +18,7 @@ current_user()
second_user@localhost
show grants for current_user();
Grants for second_user@localhost
GRANT USAGE ON *.* TO 'second_user'@'localhost' IDENTIFIED BY PASSWORD '*13843FE600B19A81E32AF50D4A6FED25875FF1F3'
GRANT USAGE ON *.* TO 'second_user'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `mysqltest`.`t9` TO 'second_user'@'localhost'
prepare s_t9 from 'select c1 as my_col
from t9 where c1= 1' ;
......@@ -42,7 +42,7 @@ GRANT SELECT ON `mysqltest`.`t9` TO 'second_user'@'localhost'
GRANT SELECT ON `mysqltest`.`t1` TO 'second_user'@'localhost'
show grants for second_user@localhost ;
Grants for second_user@localhost
GRANT USAGE ON *.* TO 'second_user'@'localhost' IDENTIFIED BY PASSWORD '*13843FE600B19A81E32AF50D4A6FED25875FF1F3'
GRANT USAGE ON *.* TO 'second_user'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `mysqltest`.`t9` TO 'second_user'@'localhost'
GRANT SELECT ON `mysqltest`.`t1` TO 'second_user'@'localhost'
prepare s_t1 from 'select a as my_col from t1' ;
......@@ -63,7 +63,7 @@ GRANT USAGE ON *.* TO 'second_user'@'localhost' IDENTIFIED BY PASSWORD '*13843FE
GRANT SELECT ON `mysqltest`.`t9` TO 'second_user'@'localhost'
show grants for second_user@localhost ;
Grants for second_user@localhost
GRANT USAGE ON *.* TO 'second_user'@'localhost' IDENTIFIED BY PASSWORD '*13843FE600B19A81E32AF50D4A6FED25875FF1F3'
GRANT USAGE ON *.* TO 'second_user'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `mysqltest`.`t9` TO 'second_user'@'localhost'
execute s_t1 ;
ERROR 42000: SELECT command denied to user 'second_user'@'localhost' for table 't1'
......
......@@ -189,7 +189,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT UPDATE, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT UPDATE, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
create trigger trg4a_2 before INSERT on t1 for each row
set new.f1 = 'trig 3.5.3.7-2a';
insert into t1 (f1) values ('insert 3.5.3.7-2b');
......@@ -220,7 +220,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT UPDATE ON `priv_db`.* TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `priv_db`.* TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4b_1 before UPDATE on t1 for each row
......@@ -247,7 +247,7 @@ trig 3.5.3.7-2a
drop trigger trg4b_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE ON `priv_db`.* TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4b_2 before UPDATE on t1 for each row
......@@ -292,7 +292,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW VIEW, TRIGGER ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4c_1 before INSERT on t1 for each row
......@@ -311,7 +311,7 @@ trig 3.5.3.7-2b
drop trigger trg4c_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4c_2 before INSERT on t1 for each row
......@@ -345,7 +345,7 @@ Grants for test_noprivs@%
GRANT TRIGGER ON *.* TO 'test_noprivs'@'%'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT (f1), INSERT (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4d_1 before INSERT on t1 for each row
......@@ -365,7 +365,7 @@ trig 3.5.3.7-2c
drop trigger trg4d_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE (f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4d_2 before INSERT on t1 for each row
......@@ -422,7 +422,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT SELECT, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
create trigger trg5a_2 before INSERT on t1 for each row
set @test_var= new.f1;
set @test_var= 'before trig 3.5.3.8-2a';
......@@ -454,7 +454,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT SELECT ON `priv_db`.* TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `priv_db`.* TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5b_1 before UPDATE on t1 for each row
......@@ -472,7 +472,7 @@ before trig 3.5.3.8-1b
drop trigger trg5b_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `priv_db`.* TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5b_2 before UPDATE on t1 for each row
......@@ -507,7 +507,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT SELECT ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW VIEW, TRIGGER ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5c_1 before INSERT on t1 for each row
......@@ -521,7 +521,7 @@ before trig 3.5.3.8-1c
drop trigger trg5c_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5c_2 before INSERT on t1 for each row
......@@ -551,7 +551,7 @@ GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C497
GRANT INSERT (f1), UPDATE (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT (f1), UPDATE (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5d_1 before INSERT on t1 for each row
......@@ -565,7 +565,7 @@ before trig 3.5.3.8-1d
drop trigger trg5d_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT (f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5d_2 before INSERT on t1 for each row
......
......@@ -139,7 +139,7 @@ current_user
test_yesprivs@localhost
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, UPDATE, TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'
drop trigger trg1_2;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
......@@ -387,7 +387,7 @@ current_user
test_yesprivs@localhost
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
drop trigger trg1_2;
select current_user;
......@@ -1265,7 +1265,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
create definer=not_ex_user@localhost trigger trg1_3
......
......@@ -190,7 +190,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT UPDATE, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT UPDATE, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
create trigger trg4a_2 before INSERT on t1 for each row
set new.f1 = 'trig 3.5.3.7-2a';
insert into t1 (f1) values ('insert 3.5.3.7-2b');
......@@ -221,7 +221,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT UPDATE ON `priv_db`.* TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `priv_db`.* TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4b_1 before UPDATE on t1 for each row
......@@ -248,7 +248,7 @@ trig 3.5.3.7-2a
drop trigger trg4b_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE ON `priv_db`.* TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4b_2 before UPDATE on t1 for each row
......@@ -293,7 +293,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW VIEW, TRIGGER ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4c_1 before INSERT on t1 for each row
......@@ -312,7 +312,7 @@ trig 3.5.3.7-2b
drop trigger trg4c_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4c_2 before INSERT on t1 for each row
......@@ -346,7 +346,7 @@ Grants for test_noprivs@%
GRANT TRIGGER ON *.* TO 'test_noprivs'@'%'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT (f1), INSERT (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4d_1 before INSERT on t1 for each row
......@@ -366,7 +366,7 @@ trig 3.5.3.7-2c
drop trigger trg4d_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE (f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4d_2 before INSERT on t1 for each row
......@@ -423,7 +423,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT SELECT, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
create trigger trg5a_2 before INSERT on t1 for each row
set @test_var= new.f1;
set @test_var= 'before trig 3.5.3.8-2a';
......@@ -455,7 +455,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT SELECT ON `priv_db`.* TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `priv_db`.* TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5b_1 before UPDATE on t1 for each row
......@@ -473,7 +473,7 @@ before trig 3.5.3.8-1b
drop trigger trg5b_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `priv_db`.* TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5b_2 before UPDATE on t1 for each row
......@@ -508,7 +508,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT SELECT ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW VIEW, TRIGGER ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5c_1 before INSERT on t1 for each row
......@@ -522,7 +522,7 @@ before trig 3.5.3.8-1c
drop trigger trg5c_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5c_2 before INSERT on t1 for each row
......@@ -552,7 +552,7 @@ GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C497
GRANT INSERT (f1), UPDATE (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT (f1), UPDATE (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5d_1 before INSERT on t1 for each row
......@@ -566,7 +566,7 @@ before trig 3.5.3.8-1d
drop trigger trg5d_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT (f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5d_2 before INSERT on t1 for each row
......
......@@ -140,7 +140,7 @@ current_user
test_yesprivs@localhost
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, UPDATE, TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'
drop trigger trg1_2;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
......@@ -388,7 +388,7 @@ current_user
test_yesprivs@localhost
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
drop trigger trg1_2;
select current_user;
......@@ -1266,7 +1266,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
create definer=not_ex_user@localhost trigger trg1_3
......
......@@ -190,7 +190,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT UPDATE, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT UPDATE, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
create trigger trg4a_2 before INSERT on t1 for each row
set new.f1 = 'trig 3.5.3.7-2a';
insert into t1 (f1) values ('insert 3.5.3.7-2b');
......@@ -221,7 +221,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT UPDATE ON `priv_db`.* TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `priv_db`.* TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4b_1 before UPDATE on t1 for each row
......@@ -248,7 +248,7 @@ trig 3.5.3.7-2a
drop trigger trg4b_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE ON `priv_db`.* TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4b_2 before UPDATE on t1 for each row
......@@ -293,7 +293,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW VIEW, TRIGGER ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4c_1 before INSERT on t1 for each row
......@@ -312,7 +312,7 @@ trig 3.5.3.7-2b
drop trigger trg4c_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4c_2 before INSERT on t1 for each row
......@@ -346,7 +346,7 @@ Grants for test_noprivs@%
GRANT TRIGGER ON *.* TO 'test_noprivs'@'%'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT (f1), INSERT (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg4d_1 before INSERT on t1 for each row
......@@ -366,7 +366,7 @@ trig 3.5.3.7-2c
drop trigger trg4d_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT UPDATE (f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg4d_2 before INSERT on t1 for each row
......@@ -423,7 +423,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT SELECT, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
create trigger trg5a_2 before INSERT on t1 for each row
set @test_var= new.f1;
set @test_var= 'before trig 3.5.3.8-2a';
......@@ -455,7 +455,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT SELECT ON `priv_db`.* TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `priv_db`.* TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5b_1 before UPDATE on t1 for each row
......@@ -473,7 +473,7 @@ before trig 3.5.3.8-1b
drop trigger trg5b_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `priv_db`.* TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5b_2 before UPDATE on t1 for each row
......@@ -508,7 +508,7 @@ GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49
GRANT SELECT ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW VIEW, TRIGGER ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5c_1 before INSERT on t1 for each row
......@@ -522,7 +522,7 @@ before trig 3.5.3.8-1c
drop trigger trg5c_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5c_2 before INSERT on t1 for each row
......@@ -552,7 +552,7 @@ GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C497
GRANT INSERT (f1), UPDATE (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
show grants;
Grants for test_noprivs@localhost
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT INSERT (f1), UPDATE (f1) ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
use priv_db;
create trigger trg5d_1 before INSERT on t1 for each row
......@@ -566,7 +566,7 @@ before trig 3.5.3.8-1d
drop trigger trg5d_1;
show grants;
Grants for test_yesprivs@localhost
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT (f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
use priv_db;
create trigger trg5d_2 before INSERT on t1 for each row
......
......@@ -140,7 +140,7 @@ current_user
test_yesprivs@localhost
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, UPDATE, TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'
drop trigger trg1_2;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
......@@ -388,7 +388,7 @@ current_user
test_yesprivs@localhost
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
drop trigger trg1_2;
select current_user;
......@@ -1266,7 +1266,7 @@ current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
create definer=not_ex_user@localhost trigger trg1_3
......
......@@ -131,7 +131,7 @@ GRANT INSERT,UPDATE ON processlist TO current_user;
ERROR 42000: Access denied for user 'ddicttestuser1'@'localhost' to database 'information_schema'
SHOW GRANTS;
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
CREATE INDEX i_processlist ON processlist (user);
ERROR 42000: Access denied for user 'ddicttestuser1'@'localhost' to database 'information_schema'
DROP TABLE processlist;
......@@ -165,7 +165,7 @@ SHOW/SELECT shows only the processes (1) of the user.
####################################################################################
SHOW GRANTS;
Grants for ddicttestuser1@localhost
GRANT PROCESS ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT PROCESS ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser1 HOST_NAME information_schema Query TIME NULL SHOW processlist
......@@ -178,7 +178,7 @@ SHOW/SELECT shows all processes/threads.
####################################################################################
SHOW GRANTS;
Grants for ddicttestuser1@localhost
GRANT PROCESS ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT PROCESS ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID root HOST_NAME information_schema Sleep TIME NULL
......@@ -226,7 +226,7 @@ ddicttestuser1 are visible.
####################################################################################
SHOW GRANTS;
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL
......@@ -290,7 +290,7 @@ Only the processes of ddicttestuser1 are visible.
####################################################################################
SHOW GRANTS FOR 'ddicttestuser1'@'localhost';
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL
......@@ -338,7 +338,7 @@ ddicttestuser2 has now the PROCESS privilege and sees all connections
####################################################################################
SHOW GRANTS FOR 'ddicttestuser2'@'localhost';
Grants for ddicttestuser2@localhost
GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID root HOST_NAME information_schema Sleep TIME NULL
......@@ -376,7 +376,7 @@ ddicttestuser2 has no more the PROCESS privilege and can only see own connects
####################################################################################
SHOW GRANTS;
Grants for ddicttestuser2@localhost
GRANT USAGE ON *.* TO 'ddicttestuser2'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser2'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser2 HOST_NAME information_schema Sleep TIME NULL
......@@ -397,7 +397,7 @@ He is also unable to GRANT the PROCESS privilege to ddicttestuser2
####################################################################################
SHOW GRANTS FOR 'ddicttestuser1'@'localhost';
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost';
ERROR 28000: Access denied for user 'ddicttestuser1'@'localhost' (using password: YES)
SHOW processlist;
......@@ -434,7 +434,7 @@ Therefore the missing SELECT privilege does not affect SELECTs on PROCESSLIST.
####################################################################################
SHOW GRANTS FOR 'ddicttestuser1'@'localhost';
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL
......
......@@ -131,7 +131,7 @@ GRANT INSERT,UPDATE ON processlist TO current_user;
ERROR 42000: Access denied for user 'ddicttestuser1'@'localhost' to database 'information_schema'
SHOW GRANTS;
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
CREATE INDEX i_processlist ON processlist (user);
ERROR 42000: Access denied for user 'ddicttestuser1'@'localhost' to database 'information_schema'
DROP TABLE processlist;
......@@ -165,7 +165,7 @@ SHOW/SELECT shows only the processes (1) of the user.
####################################################################################
SHOW GRANTS;
Grants for ddicttestuser1@localhost
GRANT PROCESS ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT PROCESS ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser1 HOST_NAME information_schema Query TIME NULL SHOW processlist
......@@ -178,7 +178,7 @@ SHOW/SELECT shows all processes/threads.
####################################################################################
SHOW GRANTS;
Grants for ddicttestuser1@localhost
GRANT PROCESS ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT PROCESS ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID root HOST_NAME information_schema Sleep TIME NULL
......@@ -226,7 +226,7 @@ ddicttestuser1 are visible.
####################################################################################
SHOW GRANTS;
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL
......@@ -290,7 +290,7 @@ Only the processes of ddicttestuser1 are visible.
####################################################################################
SHOW GRANTS FOR 'ddicttestuser1'@'localhost';
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL
......@@ -338,7 +338,7 @@ ddicttestuser2 has now the PROCESS privilege and sees all connections
####################################################################################
SHOW GRANTS FOR 'ddicttestuser2'@'localhost';
Grants for ddicttestuser2@localhost
GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID root HOST_NAME information_schema Sleep TIME NULL
......@@ -376,7 +376,7 @@ ddicttestuser2 has no more the PROCESS privilege and can only see own connects
####################################################################################
SHOW GRANTS;
Grants for ddicttestuser2@localhost
GRANT USAGE ON *.* TO 'ddicttestuser2'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser2'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser2 HOST_NAME information_schema Sleep TIME NULL
......@@ -397,7 +397,7 @@ He is also unable to GRANT the PROCESS privilege to ddicttestuser2
####################################################################################
SHOW GRANTS FOR 'ddicttestuser1'@'localhost';
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost';
ERROR 28000: Access denied for user 'ddicttestuser1'@'localhost' (using password: YES)
SHOW processlist;
......@@ -434,7 +434,7 @@ Therefore the missing SELECT privilege does not affect SELECTs on PROCESSLIST.
####################################################################################
SHOW GRANTS FOR 'ddicttestuser1'@'localhost';
Grants for ddicttestuser1@localhost
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1'
GRANT USAGE ON *.* TO 'ddicttestuser1'@'localhost' IDENTIFIED BY PASSWORD <secret>
SHOW processlist;
Id User Host db Command Time State Info
ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL
......
/* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
/* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -4697,16 +4697,23 @@ bool mysql_show_grants(THD *thd,LEX_USER *lex_user)
system_charset_info);
global.append ('\'');
if (acl_user->salt_len)
{
global.append(STRING_WITH_LEN(" IDENTIFIED BY PASSWORD"));
if ((thd->security_ctx->master_access & SUPER_ACL) == SUPER_ACL)
{
char passwd_buff[SCRAMBLED_PASSWORD_CHAR_LENGTH+1];
if (acl_user->salt_len == SCRAMBLE_LENGTH)
make_password_from_salt(passwd_buff, acl_user->salt);
else
make_password_from_salt_323(passwd_buff, (ulong *) acl_user->salt);
global.append(STRING_WITH_LEN(" IDENTIFIED BY PASSWORD '"));
global.append(" \'");
global.append(passwd_buff);
global.append('\'');
}
else
global.append(" <secret>");
}
/* "show grants" SSL related stuff */
if (acl_user->ssl_type == SSL_TYPE_ANY)
global.append(STRING_WITH_LEN(" REQUIRE SSL"));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment