• Dmitry Lenev's avatar
    Fix for bug #58499 "DEFINER-security view selecting from · 94fbedd3
    Dmitry Lenev authored
    INVOKER-security view access check wrong".
    
    When privilege checks were done for tables used from an 
    INVOKER-security view which in its turn was used from 
    a DEFINER-security view connection's active security
    context was incorrectly used instead of security context
    with privileges of the second view's creator.
    
    This meant that users which had enough rights to access
    the DEFINER-security view and as result were supposed to 
    be able successfully access it were unable to do so in 
    cases when they didn't have privileges on underlying tables 
    of the INVOKER-security view.
    
    This problem was caused by the fact that for INVOKER-security
    views TABLE_LIST::security_ctx member for underlying tables
    were set to 0 even in cases when particular view was used from 
    another DEFINER-security view. This meant that when checks of
    privileges on these underlying tables was done in
    setup_tables_and_check_access() active connection security 
    context was used instead of context corresponding to the 
    creator of caller view.
    
    This fix addresses the problem by ensuring that underlying
    tables of an INVOKER-security view inherit security context
    from the view and thus correct security context is used for
    privilege checks on underlying tables in cases when such view 
    is used from another view with DEFINER-security.
    94fbedd3
sql_view.cc 60.1 KB