diff --git a/mysql-test/r/plugin_not_embedded.result b/mysql-test/r/plugin_not_embedded.result new file mode 100644 index 0000000000000000000000000000000000000000..ca6b1e5b1f459d6271107e52b25dfd68636051b0 --- /dev/null +++ b/mysql-test/r/plugin_not_embedded.result @@ -0,0 +1,11 @@ +# +# Bug#51770: UNINSTALL PLUGIN requires no privileges +# +GRANT INSERT ON mysql.plugin TO bug51770@localhost; +INSTALL PLUGIN example SONAME 'ha_example.so'; +UNINSTALL PLUGIN example; +ERROR 42000: DELETE command denied to user 'bug51770'@'localhost' for table 'plugin' +GRANT DELETE ON mysql.plugin TO bug51770@localhost; +FLUSH PRIVILEGES; +UNINSTALL PLUGIN example; +DROP USER bug51770@localhost; diff --git a/mysql-test/t/plugin_not_embedded-master.opt b/mysql-test/t/plugin_not_embedded-master.opt new file mode 100644 index 0000000000000000000000000000000000000000..367d5233e0ee787ff8b34c07f3f9484dcba5abec --- /dev/null +++ b/mysql-test/t/plugin_not_embedded-master.opt @@ -0,0 +1 @@ +$EXAMPLE_PLUGIN_OPT diff --git a/mysql-test/t/plugin_not_embedded.test b/mysql-test/t/plugin_not_embedded.test new file mode 100644 index 0000000000000000000000000000000000000000..eea7deab40c9ea48d4538e729596387204002792 --- /dev/null +++ b/mysql-test/t/plugin_not_embedded.test @@ -0,0 +1,20 @@ +--source include/not_embedded.inc +--source include/have_example_plugin.inc + +--echo # +--echo # Bug#51770: UNINSTALL PLUGIN requires no privileges +--echo # + +GRANT INSERT ON mysql.plugin TO bug51770@localhost; +connect(con1,localhost,bug51770,,); +eval INSTALL PLUGIN example SONAME $HA_EXAMPLE_SO; +--error ER_TABLEACCESS_DENIED_ERROR +UNINSTALL PLUGIN example; +connection default; +GRANT DELETE ON mysql.plugin TO bug51770@localhost; +FLUSH PRIVILEGES; +connection con1; +UNINSTALL PLUGIN example; +disconnect con1; +connection default; +DROP USER bug51770@localhost; diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc index 9e35e392d2a68544920d8c988e938a1cb6e27a30..0706ef248813ac8036a98713185a22bb974a6cbb 100644 --- a/sql/sql_plugin.cc +++ b/sql/sql_plugin.cc @@ -1736,6 +1736,8 @@ bool mysql_uninstall_plugin(THD *thd, const LEX_STRING *name) bzero(&tables, sizeof(tables)); tables.db= (char *)"mysql"; tables.table_name= tables.alias= (char *)"plugin"; + if (check_table_access(thd, DELETE_ACL, &tables, 1, FALSE)) + DBUG_RETURN(TRUE); /* need to open before acquiring LOCK_plugin or it will deadlock */ if (! (table= open_ltable(thd, &tables, TL_WRITE, 0)))