An error occurred fetching the project authors.
  1. 08 Sep, 2017 1 commit
  2. 04 Sep, 2015 1 commit
  3. 01 Feb, 2006 2 commits
    • unknown's avatar
      Fix for BUG#9412: Triggers: should have trigger privilege. · 6aaed733
      unknown authored
      Implement table-level TRIGGER privilege to control access to triggers.
      Before this path global SUPER privilege was used for this purpose, that
      was the big security problem.
      
      In details, before this patch SUPER privilege was required:
        - for the user at CREATE TRIGGER time to create a new trigger;
        - for the user at DROP TRIGGER time to drop the existing trigger;
        - for the definer at trigger activation time to execute the trigger (if the
          definer loses SUPER privilege, all its triggers become unavailable);
      
      This patch changes the behaviour in the following way:
        - TRIGGER privilege on the subject table for trigger is required:
          - for the user at CREATE TRIGGER time to create a new trigger;
          - for the user at DROP TRIGGER time to drop the existing trigger;
          - for the definer at trigger activation time to execute the trigger
            (if the definer loses TRIGGER privilege on the subject table, all its
            triggers on this table become unavailable).
        - SUPER privilege is still required:
          - for the user at CREATE TRIGGER time to explicitly set the trigger
            definer to the user other than CURRENT_USER().
      
      When the server works with database of the previous version (w/o TRIGGER
      privilege), or if the database is being upgraded from the previous versions,
      TRIGGER privilege is granted to whose users, who have CREATE privilege.
      
      
      mysql-test/r/grant.result:
        Updated the result file after adding TRIGGER privilege.
      mysql-test/r/information_schema.result:
        Updated the result file after adding TRIGGER privilege.
      mysql-test/r/lowercase_table_grant.result:
        Updated the result file after adding TRIGGER privilege.
      mysql-test/r/ps.result:
        Updated the result file after adding TRIGGER privilege.
      mysql-test/r/sp.result:
        Updated the result file after adding TRIGGER privilege.
      mysql-test/r/trigger-compat.result:
        Updated the result file after adding TRIGGER privilege.
      mysql-test/r/trigger-grant.result:
        Updated the result file after adding TRIGGER privilege.
      mysql-test/t/trigger-compat.test:
        Grant table-level TRIGGER privilege instead of global SUPER one.
      mysql-test/t/trigger-grant.test:
        1. Grant table-level TRIGGER privilege instead of global SUPER one.
        2. Updated the test case to check that SUPER is required to specify
        the user other than the current as a definer.
      scripts/mysql_create_system_tables.sh:
        Added TRIGGER privilege.
      scripts/mysql_fix_privilege_tables.sql:
        Added TRIGGER privilege.
      sql/sql_acl.cc:
        Added TRIGGER privilege.
      sql/sql_acl.h:
        Added TRIGGER privilege.
      sql/sql_show.cc:
        Added TRIGGER privilege.
      sql/sql_trigger.cc:
        Check TRIGGER privilege instead of SUPER.
      sql/sql_yacc.yy:
        Added TRIGGER privilege.
      6aaed733
    • anozdrin@mysql.com's avatar
      Fix for BUG#9412: Triggers: should have trigger privilege. · 0a1f7e92
      anozdrin@mysql.com authored
      Implement table-level TRIGGER privilege to control access to triggers.
      Before this path global SUPER privilege was used for this purpose, that
      was the big security problem.
      
      In details, before this patch SUPER privilege was required:
        - for the user at CREATE TRIGGER time to create a new trigger;
        - for the user at DROP TRIGGER time to drop the existing trigger;
        - for the definer at trigger activation time to execute the trigger (if the
          definer loses SUPER privilege, all its triggers become unavailable);
      
      This patch changes the behaviour in the following way:
        - TRIGGER privilege on the subject table for trigger is required:
          - for the user at CREATE TRIGGER time to create a new trigger;
          - for the user at DROP TRIGGER time to drop the existing trigger;
          - for the definer at trigger activation time to execute the trigger
            (if the definer loses TRIGGER privilege on the subject table, all its
            triggers on this table become unavailable).
        - SUPER privilege is still required:
          - for the user at CREATE TRIGGER time to explicitly set the trigger
            definer to the user other than CURRENT_USER().
      
      When the server works with database of the previous version (w/o TRIGGER
      privilege), or if the database is being upgraded from the previous versions,
      TRIGGER privilege is granted to whose users, who have CREATE privilege.
      0a1f7e92
  4. 10 Jan, 2006 2 commits
    • unknown's avatar
      WL #1034 (Internal CRON) pre-push updates · 1ef97f1f
      unknown authored
      - fixed test results
      - fixed bug caught by information_schema.test . Bison temporal
        variables are very nice but extremely error-prone (Count one more
        time just to be sure).
      
      
      mysql-test/r/connect.result:
        fix result for WL#1034 (internal CRON)
      mysql-test/r/events.result:
        fix result for WL#1034 (internal CRON)
      mysql-test/r/grant.result:
        fix result for WL#1034 (internal CRON)
      mysql-test/r/information_schema.result:
        fix result for WL#1034 (internal CRON)
      mysql-test/r/lowercase_table_grant.result:
        fix result for WL#1034 (internal CRON)
      mysql-test/r/ps.result:
        fix result for WL#1034 (internal CRON)
      mysql-test/r/system_mysql_db.result:
        fix result for WL#1034 (internal CRON)
      mysql-test/t/events.test:
        fix result for WL#1034 (internal CRON)
      sql/sql_yacc.yy:
        - fix bug introduced by me when making usage of temporal
          bison variables. COUNT 7 times then write!
      1ef97f1f
    • andrey@lmy004.'s avatar
      WL #1034 (Internal CRON) pre-push updates · d2f0002e
      andrey@lmy004. authored
      - fixed test results
      - fixed bug caught by information_schema.test . Bison temporal
        variables are very nice but extremely error-prone (Count one more
        time just to be sure).
      d2f0002e
  5. 18 Feb, 2005 2 commits
  6. 15 Feb, 2005 2 commits