Description:
We have "SHOW DATABASES" privilege which allows the users to list databases on the instance. Similarly, provide a privilege ("SHOW TABLES") that can help to list tables in the database or basically list all rows in `information_schema.tables`.
Many migration tools and scripts, relay on listing the objects even there is no specific need to export the data. In this case, we need to grant SELECT on all objects on the instance even though the actual data is not been queried.
Providing an additional privilege to list only tables will help to improve the security context of DB users by limiting the access and protecting table data.
How to repeat:
Feature request to add new privilege to list tables on the instance. (Only object names)
Suggested fix:
A new privilege that allows to display only object names from dictionary tables can help. This can be validated when running SHOW TABLES command or executing a query on information_schema.tables table (especially table_schema and table_name columns).
Description: We have "SHOW DATABASES" privilege which allows the users to list databases on the instance. Similarly, provide a privilege ("SHOW TABLES") that can help to list tables in the database or basically list all rows in `information_schema.tables`. Many migration tools and scripts, relay on listing the objects even there is no specific need to export the data. In this case, we need to grant SELECT on all objects on the instance even though the actual data is not been queried. Providing an additional privilege to list only tables will help to improve the security context of DB users by limiting the access and protecting table data. How to repeat: Feature request to add new privilege to list tables on the instance. (Only object names) Suggested fix: A new privilege that allows to display only object names from dictionary tables can help. This can be validated when running SHOW TABLES command or executing a query on information_schema.tables table (especially table_schema and table_name columns).