| Bug #18681 | View privileges are broken | | |
|---|---|---|---|
| Submitted: | 31 Mar 2006 10:38 | Modified: | 26 May 2006 16:39 |
| Reporter: | Per Holm | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | MySQL Server: Views | Severity: | S2 (Serious) |
| Version: | 5.0.21-BK, 5.0.18 | OS: | Linux (Linux, Mac OS X 10.4.5) |
| Assigned to: | Georgi Kodinov | CPU Architecture: | Any |
[31 Mar 2006 10:38]
Per Holm
[31 Mar 2006 11:29]
Valeriy Kravchuk
Thank you for the bug report. Verified just as described with 5.0.21-BK (ChangeSet@1.2124, 2006-03-30 11:34:14-08:00) on Linux. With a separate newly created testv database:

```
mysql> create user readonly@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> create database testv;
Query OK, 1 row affected (0.00 sec)

mysql> use testv;
Database changed
mysql> create table t (x int);
Query OK, 0 rows affected (0.01 sec)

mysql> insert into t values (1), (2);
Query OK, 2 rows affected (0.00 sec)
Records: 2  Duplicates: 0  Warnings: 0

mysql> create SQL SECURITY INVOKER view v_t as select * from t;
Query OK, 0 rows affected (0.01 sec)

mysql> grant select on testv.t to readonly;
Query OK, 0 rows affected (0.01 sec)

mysql> grant select, insert, update, delete on testv.v_t to readonly;
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye
openxs@suse:~/dbs/5.0> bin/mysql -ureadonly testv
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 12 to server version: 5.0.21

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> select * from v_t;
+------+
| x    |
+------+
|    1 |
|    2 |
+------+
2 rows in set (0.00 sec)

mysql> insert into v_t values(4);
ERROR 1356 (HY000): View 'testv.v_t' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
mysql> delete from v_t where x = 1;
ERROR 1356 (HY000): View 'testv.v_t' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
mysql> update v_t set x = 3 where x = 2;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0

mysql> select * from t;
+------+
| x    |
+------+
|    1 |
|    3 |
+------+
2 rows in set (0.00 sec)

mysql> delete from v_t;
Query OK, 2 rows affected (0.00 sec)

mysql> select * from t;
Empty set (0.00 sec)
```

So, if the manual (http://dev.mysql.com/doc/refman/5.0/en/create-view.html) is right: "At view execution time, privileges for objects accessed by the view are checked against the privileges held by the view creator or invoker, depending on whether the SQL SECURITY characteristic is DEFINER or INVOKER, respectively." then there is a bug here, with UPDATE allowed. The other bug is that DELETE without WHERE is allowed (while DELETE with WHERE is NOT)!
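The reproduction above, rewritten as an added SQL script that is not part of the bug report: it sets up the same INVOKER view and split grants (host-qualified to readonly@localhost here), states which statements the manual's rule requires the server to reject, and ends with an added information_schema query for finding INVOKER views that carry write grants. The expectation that the fixed server rejects UPDATE and the bare DELETE is taken from the manual quote above, not from output on this page.

```sql
-- Added example, not from the bug report. Run this part as an
-- administrative account; names follow the report.
CREATE DATABASE testv;
USE testv;
CREATE TABLE t (x INT);
INSERT INTO t VALUES (1), (2);

-- SQL SECURITY INVOKER: privileges on the objects the view reads
-- are checked against the user running the statement.
CREATE SQL SECURITY INVOKER VIEW v_t AS SELECT * FROM t;

-- The invoker may only read the base table ...
CREATE USER readonly@localhost;
GRANT SELECT ON testv.t TO readonly@localhost;
-- ... but holds write privileges on the view itself.
GRANT SELECT, INSERT, UPDATE, DELETE ON testv.v_t TO readonly@localhost;

-- Connect as readonly@localhost for the statements below.
-- Allowed: SELECT is held on both the view and the base table.
SELECT * FROM v_t;

-- All four writes must be rejected: readonly holds no INSERT, UPDATE
-- or DELETE on base table t, which the INVOKER view resolves to.
-- 5.0.21 (this bug) wrongly let the UPDATE and the bare DELETE through;
-- the report shows ERROR 1356 for the INSERT and the DELETE ... WHERE.
INSERT INTO v_t VALUES (4);
DELETE FROM v_t WHERE x = 1;
UPDATE v_t SET x = 3 WHERE x = 2;
DELETE FROM v_t;

-- On a correct server the base table is unchanged after the four writes.
SELECT * FROM t;

-- Added check (administrative account): INVOKER views with table-level
-- write grants, to review against the grantee's base-table privileges.
SELECT v.TABLE_SCHEMA, v.TABLE_NAME, v.DEFINER, p.GRANTEE, p.PRIVILEGE_TYPE
FROM information_schema.VIEWS v
JOIN information_schema.TABLE_PRIVILEGES p
  ON p.TABLE_SCHEMA = v.TABLE_SCHEMA AND p.TABLE_NAME = v.TABLE_NAME
WHERE v.SECURITY_TYPE = 'INVOKER'
  AND p.PRIVILEGE_TYPE IN ('INSERT', 'UPDATE', 'DELETE');
```

The final query only sees grants stored at table level (mysql.tables_priv), which is exactly the kind used in this report; database- or global-level write grants do not appear in TABLE_PRIVILEGES.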
[19 May 2006 11:10]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/6623
[26 May 2006 8:46]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/6900
[26 May 2006 12:48]
Georgi Kodinov
pushed in 5.0.23-BK
[26 May 2006 16:39]
Paul DuBois
Noted in 5.0.23 changelog. Several aspects of view privileges were being checked incorrectly.