Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
350c35a0
Commit
350c35a0
authored
May 12, 2007
by
holyfoot/hf@hfmain.(none)
Browse files
Options
Browse Files
Download
Plain Diff
Merge mysql.com:/home/hf/work/27957/my50-27957
into mysql.com:/home/hf/work/27957/my51-27957
parents
ba3d60b1
6fe0f52d
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
52 additions
and
92 deletions
+52
-92
mysql-test/r/grant.result
mysql-test/r/grant.result
+21
-88
mysql-test/t/grant.test
mysql-test/t/grant.test
+25
-0
sql/sql_prepare.cc
sql/sql_prepare.cc
+3
-2
sql/sql_update.cc
sql/sql_update.cc
+3
-2
No files found.
mysql-test/r/grant.result
View file @
350c35a0
...
@@ -923,7 +923,7 @@ ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table '
...
@@ -923,7 +923,7 @@ ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table '
SHOW CREATE TABLE mysqltest2.t_nn;
SHOW CREATE TABLE mysqltest2.t_nn;
Table Create Table
Table Create Table
t_nn CREATE TABLE `t_nn` (
t_nn CREATE TABLE `t_nn` (
`c1` int(11)
DEFAULT
NULL
`c1` int(11)
default
NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1
) ENGINE=MyISAM DEFAULT CHARSET=latin1
SHOW CREATE VIEW mysqltest2.t_nn;
SHOW CREATE VIEW mysqltest2.t_nn;
ERROR HY000: 'mysqltest2.t_nn' is not VIEW
ERROR HY000: 'mysqltest2.t_nn' is not VIEW
...
@@ -942,7 +942,7 @@ v_nn CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER
...
@@ -942,7 +942,7 @@ v_nn CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER
SHOW CREATE TABLE mysqltest2.t_nn;
SHOW CREATE TABLE mysqltest2.t_nn;
Table Create Table
Table Create Table
t_nn CREATE TABLE `t_nn` (
t_nn CREATE TABLE `t_nn` (
`c1` int(11)
DEFAULT
NULL
`c1` int(11)
default
NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1
) ENGINE=MyISAM DEFAULT CHARSET=latin1
SHOW CREATE VIEW mysqltest2.t_nn;
SHOW CREATE VIEW mysqltest2.t_nn;
ERROR HY000: 'mysqltest2.t_nn' is not VIEW
ERROR HY000: 'mysqltest2.t_nn' is not VIEW
...
@@ -960,72 +960,6 @@ DROP USER 'mysqltest_1'@'localhost';
...
@@ -960,72 +960,6 @@ DROP USER 'mysqltest_1'@'localhost';
use test;
use test;
create user mysqltest1_thisisreallytoolong;
create user mysqltest1_thisisreallytoolong;
ERROR HY000: String 'mysqltest1_thisisreallytoolong' is too long for user name (should be no longer than 16)
ERROR HY000: String 'mysqltest1_thisisreallytoolong' is too long for user name (should be no longer than 16)
CREATE DATABASE mysqltest1;
CREATE TABLE mysqltest1.t1 (
int_field INTEGER UNSIGNED NOT NULL,
char_field CHAR(10),
INDEX(`int_field`)
);
CREATE TABLE mysqltest1.t2 (int_field INT);
"Now check that we require equivalent grants for "
"RENAME TABLE and ALTER TABLE"
CREATE USER mysqltest_1@localhost;
GRANT SELECT ON mysqltest1.t1 TO mysqltest_1@localhost;
SELECT USER();
USER()
mysqltest_1@localhost
SHOW GRANTS;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT SELECT ON `mysqltest1`.`t1` TO 'mysqltest_1'@'localhost'
RENAME TABLE t1 TO t2;
ERROR 42000: DROP,ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1'
ALTER TABLE t1 RENAME TO t2;
ERROR 42000: DROP,ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1'
GRANT DROP ON mysqltest1.t1 TO mysqltest_1@localhost;
RENAME TABLE t1 TO t2;
ERROR 42000: ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1'
ALTER TABLE t1 RENAME TO t2;
ERROR 42000: ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1'
GRANT ALTER ON mysqltest1.t1 TO mysqltest_1@localhost;
SHOW GRANTS;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT SELECT, DROP, ALTER ON `mysqltest1`.`t1` TO 'mysqltest_1'@'localhost'
RENAME TABLE t1 TO t2;
ERROR 42000: INSERT,CREATE command denied to user 'mysqltest_1'@'localhost' for table 't2'
ALTER TABLE t1 RENAME TO t2;
ERROR 42000: INSERT,CREATE command denied to user 'mysqltest_1'@'localhost' for table 't2'
GRANT INSERT, CREATE ON mysqltest1.t1 TO mysqltest_1@localhost;
SHOW GRANTS;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT SELECT, INSERT, CREATE, DROP, ALTER ON `mysqltest1`.`t1` TO 'mysqltest_1'@'localhost'
GRANT INSERT, SELECT, CREATE, ALTER, DROP ON mysqltest1.t2 TO mysqltest_1@localhost;
DROP TABLE mysqltest1.t2;
SHOW GRANTS;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT SELECT, INSERT, CREATE, DROP, ALTER ON `mysqltest1`.`t2` TO 'mysqltest_1'@'localhost'
GRANT SELECT, INSERT, CREATE, DROP, ALTER ON `mysqltest1`.`t1` TO 'mysqltest_1'@'localhost'
RENAME TABLE t1 TO t2;
RENAME TABLE t2 TO t1;
ALTER TABLE t1 RENAME TO t2;
ALTER TABLE t2 RENAME TO t1;
REVOKE DROP, INSERT ON mysqltest1.t1 FROM mysqltest_1@localhost;
REVOKE DROP, INSERT ON mysqltest1.t2 FROM mysqltest_1@localhost;
SHOW GRANTS;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT SELECT, CREATE, ALTER ON `mysqltest1`.`t2` TO 'mysqltest_1'@'localhost'
GRANT SELECT, CREATE, ALTER ON `mysqltest1`.`t1` TO 'mysqltest_1'@'localhost'
RENAME TABLE t1 TO t2;
ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table 't1'
ALTER TABLE t1 RENAME TO t2;
ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table 't1'
DROP USER mysqltest_1@localhost;
DROP DATABASE mysqltest1;
USE test;
GRANT CREATE ON mysqltest.* TO 1234567890abcdefGHIKL@localhost;
GRANT CREATE ON mysqltest.* TO 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
GRANT CREATE ON mysqltest.* TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
GRANT CREATE ON mysqltest.* TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
...
@@ -1050,26 +984,6 @@ REVOKE EXECUTE ON PROCEDURE p1 FROM 1234567890abcdefGHIKL@localhost;
...
@@ -1050,26 +984,6 @@ REVOKE EXECUTE ON PROCEDURE p1 FROM 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
REVOKE EXECUTE ON PROCEDURE t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
REVOKE EXECUTE ON PROCEDURE t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
CREATE USER bug23556@localhost;
CREATE DATABASE bug23556;
GRANT SELECT ON bug23556.* TO bug23556@localhost;
USE bug23556;
CREATE TABLE t1 (a INT PRIMARY KEY);
INSERT INTO t1 VALUES (1),(2),(3),(4),(5);
GRANT DELETE ON t1 TO bug23556@localhost;
USE bug23556;
TRUNCATE t1;
ERROR 42000: DROP command denied to user 'bug23556'@'localhost' for table 't1'
USE bug23556;
REVOKE DELETE ON t1 FROM bug23556@localhost;
GRANT DROP ON t1 TO bug23556@localhost;
USE bug23556;
TRUNCATE t1;
USE bug23556;
DROP TABLE t1;
USE test;
DROP DATABASE bug23556;
DROP USER bug23556@localhost;
GRANT PROCESS ON * TO user@localhost;
GRANT PROCESS ON * TO user@localhost;
ERROR 3D000: No database selected
ERROR 3D000: No database selected
DROP DATABASE IF EXISTS mysqltest1;
DROP DATABASE IF EXISTS mysqltest1;
...
@@ -1194,6 +1108,25 @@ ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table '
...
@@ -1194,6 +1108,25 @@ ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table '
DROP DATABASE mysqltest1;
DROP DATABASE mysqltest1;
DROP DATABASE mysqltest2;
DROP DATABASE mysqltest2;
DROP USER mysqltest_1@localhost;
DROP USER mysqltest_1@localhost;
use test;
CREATE TABLE t1 (f1 int, f2 int);
INSERT INTO t1 VALUES(1,1), (2,2);
CREATE DATABASE db27878;
GRANT UPDATE(f1) ON t1 TO 'mysqltest_1'@'localhost';
GRANT SELECT ON `test`.* TO 'mysqltest_1'@'localhost';
GRANT ALL ON db27878.* TO 'mysqltest_1'@'localhost';
use db27878;
CREATE SQL SECURITY INVOKER VIEW db27878.v1 AS SELECT * FROM test.t1;
use db27878;
UPDATE v1 SET f2 = 4;
ERROR HY000: View 'db27878.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
SELECT * FROM test.t1;
f1 f2
1 1
2 2
DROP VIEW v1;
use test;
DROP TABLE t1;
End of 5.0 tests
End of 5.0 tests
set names utf8;
set names utf8;
grant select on test.* to юзер_юзер@localhost;
grant select on test.* to юзер_юзер@localhost;
...
...
mysql-test/t/grant.test
View file @
350c35a0
...
@@ -415,6 +415,7 @@ connect (user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK);
...
@@ -415,6 +415,7 @@ connect (user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK);
connection
user1
;
connection
user1
;
--
error
1142
--
error
1142
alter
table
t1
rename
t2
;
alter
table
t1
rename
t2
;
disconnect
user1
;
connection
root
;
connection
root
;
revoke
all
privileges
on
mysqltest
.
t1
from
mysqltest_1
@
localhost
;
revoke
all
privileges
on
mysqltest
.
t1
from
mysqltest_1
@
localhost
;
delete
from
mysql
.
user
where
user
=
_binary
'mysqltest_1'
;
delete
from
mysql
.
user
where
user
=
_binary
'mysqltest_1'
;
...
@@ -1235,6 +1236,30 @@ DROP DATABASE mysqltest2;
...
@@ -1235,6 +1236,30 @@ DROP DATABASE mysqltest2;
DROP
USER
mysqltest_1
@
localhost
;
DROP
USER
mysqltest_1
@
localhost
;
#
# Bug#27878: Unchecked privileges on a view referring to a table from another
# database.
#
use
test
;
CREATE
TABLE
t1
(
f1
int
,
f2
int
);
INSERT
INTO
t1
VALUES
(
1
,
1
),
(
2
,
2
);
CREATE
DATABASE
db27878
;
GRANT
UPDATE
(
f1
)
ON
t1
TO
'mysqltest_1'
@
'localhost'
;
GRANT
SELECT
ON
`test`
.*
TO
'mysqltest_1'
@
'localhost'
;
GRANT
ALL
ON
db27878
.*
TO
'mysqltest_1'
@
'localhost'
;
use
db27878
;
CREATE
SQL
SECURITY
INVOKER
VIEW
db27878
.
v1
AS
SELECT
*
FROM
test
.
t1
;
connect
(
user1
,
localhost
,
mysqltest_1
,,
test
);
connection
user1
;
use
db27878
;
--
error
1356
UPDATE
v1
SET
f2
=
4
;
SELECT
*
FROM
test
.
t1
;
disconnect
user1
;
connection
default
;
DROP
VIEW
v1
;
use
test
;
DROP
TABLE
t1
;
--
echo
End
of
5.0
tests
--
echo
End
of
5.0
tests
...
...
sql/sql_prepare.cc
View file @
350c35a0
...
@@ -1164,8 +1164,9 @@ static int mysql_test_update(Prepared_statement *stmt,
...
@@ -1164,8 +1164,9 @@ static int mysql_test_update(Prepared_statement *stmt,
goto
error
;
goto
error
;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
#ifndef NO_EMBEDDED_ACCESS_CHECKS
/* TABLE_LIST contain right privilages request */
/* Force privilege re-checking for views after they have been opened. */
want_privilege
=
table_list
->
grant
.
want_privilege
;
want_privilege
=
(
table_list
->
view
?
UPDATE_ACL
:
table_list
->
grant
.
want_privilege
);
#endif
#endif
if
(
mysql_prepare_update
(
thd
,
table_list
,
&
select
->
where
,
if
(
mysql_prepare_update
(
thd
,
table_list
,
&
select
->
where
,
...
...
sql/sql_update.cc
View file @
350c35a0
...
@@ -170,8 +170,9 @@ int mysql_update(THD *thd,
...
@@ -170,8 +170,9 @@ int mysql_update(THD *thd,
table
->
quick_keys
.
clear_all
();
table
->
quick_keys
.
clear_all
();
#ifndef NO_EMBEDDED_ACCESS_CHECKS
#ifndef NO_EMBEDDED_ACCESS_CHECKS
/* TABLE_LIST contain right privilages request */
/* Force privilege re-checking for views after they have been opened. */
want_privilege
=
table_list
->
grant
.
want_privilege
;
want_privilege
=
(
table_list
->
view
?
UPDATE_ACL
:
table_list
->
grant
.
want_privilege
);
#endif
#endif
if
(
mysql_prepare_update
(
thd
,
table_list
,
&
conds
,
order_num
,
order
))
if
(
mysql_prepare_update
(
thd
,
table_list
,
&
conds
,
order_num
,
order
))
DBUG_RETURN
(
1
);
DBUG_RETURN
(
1
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment