Bug #51770 | UNINSTALL PLUGIN requires no privileges | | |
---|---|---|---|
Submitted: | 5 Mar 2010 16:14 | Modified: | 12 Jul 2010 8:30 |
Reporter: | Paul DuBois | | |
Status: | Closed | | |
Category: | MySQL Server: Security: Privileges | Severity: | S2 (Serious) |
Version: | 5.1+ | OS: | Any |
Assigned to: | Davi Arnaut | CPU Architecture: | Any |
[5 Mar 2010 16:14]
Paul DuBois
[8 Mar 2010 21:13]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version.
You can access the patch from: http://lists.mysql.com/commits/102618
3375 Davi Arnaut 2010-03-08
Bug#51770: UNINSTALL PLUGIN requires no privileges
The problem was that UNINSTALL PLUGIN wasn't performing privilege checks before removing a plugin. Any user (including users without any kind of privileges) could uninstall any plugin.
The solution is to verify if the user has the DELETE privilege for the mysql.plugin table before uninstalling a plugin.
@ mysql-test/r/plugin_not_embedded.result
    Add test case result for Bug#51770.
@ mysql-test/t/plugin_not_embedded-master.opt
    Add example plugin path.
@ mysql-test/t/plugin_not_embedded.test
    Add test case for Bug#51770. Skip embedded as test relies on privileges checks.
[9 Mar 2010 12:16]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version.
You can access the patch from: http://lists.mysql.com/commits/102693
3375 Davi Arnaut 2010-03-09
Bug#51770: UNINSTALL PLUGIN requires no privileges
The problem was that UNINSTALL PLUGIN wasn't performing privilege checks before removing a plugin. Any user (including users without any kind of privileges) could uninstall any plugin.
The solution is to verify if the user has the DELETE privilege for the mysql.plugin table before uninstalling a plugin.
@ mysql-test/r/plugin_not_embedded.result
    Add test case result for Bug#51770.
@ mysql-test/t/plugin_not_embedded-master.opt
    Add example plugin path.
@ mysql-test/t/plugin_not_embedded.test
    Add test case for Bug#51770. Skip embedded as test relies on privileges checks.
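An audit query for a patched server, added here as an example and not part of the bug report or the MySQL patch: it lists every account that holds DELETE on mysql.plugin at global, database or table scope, which is the privilege the fix checks before UNINSTALL PLUGIN. It assumes the standard grant tables mysql.user, mysql.db and mysql.tables_priv and an account allowed to read them.

```sql
-- Added example (not from the bug report or the MySQL source tree).
-- Lists accounts that satisfy the check the fix introduces:
-- DELETE on mysql.plugin, granted at global, database or table scope.

-- Global scope: DELETE on *.* covers mysql.plugin.
SELECT u.User, u.Host, 'global' AS scope
  FROM mysql.user AS u
 WHERE u.Delete_priv = 'Y'

UNION ALL

-- Database scope: mysql.db.Db may hold a wildcard pattern,
-- so match the literal schema name against it with LIKE.
SELECT d.User, d.Host, CONCAT('database: ', d.Db)
  FROM mysql.db AS d
 WHERE d.Delete_priv = 'Y'
   AND 'mysql' LIKE d.Db

UNION ALL

-- Table scope: Table_priv is a SET column; look for the Delete member.
SELECT t.User, t.Host, 'table: mysql.plugin'
  FROM mysql.tables_priv AS t
 WHERE t.Db = 'mysql'
   AND t.Table_name = 'plugin'
   AND FIND_IN_SET('Delete', t.Table_priv) > 0

ORDER BY User, Host;
```

Any row for an account that is not an administrator is a grant worth reviewing, since after the fix that account can still remove plugins.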
[13 Mar 2010 21:25]
Davi Arnaut
Queued to mysql-5.1-bugteam
[26 Mar 2010 8:21]
Bugs System
Pushed into 5.5.4-m3 (revid:alik@sun.com-20100326080914-2pz8ns984e0spu03) (version source revid:alexey.kopytov@sun.com-20100320202342-3oapaq7r0t6qhexq) (merge vers: 5.5.3-m2) (pib:16)
[26 Mar 2010 8:25]
Bugs System
Pushed into mysql-next-mr (revid:alik@sun.com-20100326081116-m3v4l34yhr43mtsv) (version source revid:alik@sun.com-20100325072612-4sds00ix8ajo1e84) (pib:16)
[26 Mar 2010 8:30]
Bugs System
Pushed into 6.0.14-alpha (revid:alik@sun.com-20100326081944-qja07qklw1p2w7jb) (version source revid:alik@sun.com-20100325073410-4t4i9gu2u1pge7xb) (merge vers: 6.0.14-alpha) (pib:16)
[6 Apr 2010 7:56]
Bugs System
Pushed into 5.1.46 (revid:sergey.glukhov@sun.com-20100405111026-7kz1p8qlzglqgfmu) (version source revid:davi.arnaut@sun.com-20100309121617-yyhxs2u2c2s0ykti) (merge vers: 5.1.46) (pib:16)
[14 Apr 2010 19:38]
Paul DuBois
Noted in 5.1.46, 5.5.5, 6.0.14 changelogs. Privilege checking for UNINSTALL PLUGIN was incorrect.
[11 May 2010 15:57]
Paul DuBois
Added CVE-2010-1621 tag to changelog entry.
[17 Jun 2010 12:11]
Bugs System
Pushed into 5.1.47-ndb-7.0.16 (revid:martin.skold@mysql.com-20100617114014-bva0dy24yyd67697) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[17 Jun 2010 12:58]
Bugs System
Pushed into 5.1.47-ndb-6.2.19 (revid:martin.skold@mysql.com-20100617115448-idrbic6gbki37h1c) (version source revid:martin.skold@mysql.com-20100609211156-tsac5qhw951miwtt) (merge vers: 5.1.46-ndb-6.2.19) (pib:16)
[17 Jun 2010 13:38]
Bugs System
Pushed into 5.1.47-ndb-6.3.35 (revid:martin.skold@mysql.com-20100617114611-61aqbb52j752y116) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)