An error occurred fetching the project authors.
  1. 21 Nov, 2006 1 commit
  2. 01 Jun, 2006 1 commit
  3. 18 May, 2006 1 commit
  4. 12 May, 2006 1 commit
  5. 09 Mar, 2006 1 commit
  6. 06 Feb, 2006 1 commit
  7. 01 Feb, 2006 1 commit
    • anozdrin@mysql.com's avatar
      Fix for BUG#9412: Triggers: should have trigger privilege. · 0a1f7e92
      anozdrin@mysql.com authored
      Implement table-level TRIGGER privilege to control access to triggers.
      Before this path global SUPER privilege was used for this purpose, that
      was the big security problem.
      
      In details, before this patch SUPER privilege was required:
        - for the user at CREATE TRIGGER time to create a new trigger;
        - for the user at DROP TRIGGER time to drop the existing trigger;
        - for the definer at trigger activation time to execute the trigger (if the
          definer loses SUPER privilege, all its triggers become unavailable);
      
      This patch changes the behaviour in the following way:
        - TRIGGER privilege on the subject table for trigger is required:
          - for the user at CREATE TRIGGER time to create a new trigger;
          - for the user at DROP TRIGGER time to drop the existing trigger;
          - for the definer at trigger activation time to execute the trigger
            (if the definer loses TRIGGER privilege on the subject table, all its
            triggers on this table become unavailable).
        - SUPER privilege is still required:
          - for the user at CREATE TRIGGER time to explicitly set the trigger
            definer to the user other than CURRENT_USER().
      
      When the server works with database of the previous version (w/o TRIGGER
      privilege), or if the database is being upgraded from the previous versions,
      TRIGGER privilege is granted to whose users, who have CREATE privilege.
      0a1f7e92
  8. 24 Jan, 2006 1 commit
    • anozdrin@mysql.com's avatar
      Fix for the following bugs: · 378147a2
      anozdrin@mysql.com authored
        - BUG#15166: Wrong update permissions required to execute triggers
        - BUG#15196: Wrong select permission required to execute triggers
      
      The idea of the fix is to check necessary privileges
      in Item_trigger_field::fix_fields(), instead of having "special variables"
      technique. To achieve this, we should pass to an Item_trigger_field instance
      a flag, which will indicate the usage/access type of this trigger variable.
      378147a2
  9. 12 Jan, 2006 1 commit
  10. 10 Nov, 2005 1 commit