Bug #30281 Falcon: missing privilege check for dropping tablespace
Submitted: 7 Aug 2007 17:26 Modified: 21 Nov 2008 16:02
Reporter: Peter Gulutzan Email Updates:
Status: Closed Impact on me:
Category:MySQL Server: DDL Severity:S3 (Non-critical)
Version:6.0.2-alpha-debug OS:Linux (SUSE 10 64-bit)
Assigned to: Alexander Nozdrin CPU Architecture:Any

[7 Aug 2007 17:26] Peter Gulutzan
As root, I grant USAGE privilege to peter@localhost. Nothing else.
As peter@localhost, I drop tablespace falcon_user + falcon_temporary.
As root, I try to create a temporary table. I can't.

I don't know what privilege should be necessary for DROP TABLESPACE.
But when I drop a tablespace, I can interfere with other users.
Therefore I should have something stronger than a USAGE privilege.

How to repeat:
As user root, say:
create temporary table t (s1 int) engine=falcon;
grant usage on test.* to peter@localhost;

As user peter@localhost, say:
use test
drop tablespace falcon_user engine=falcon;
drop tablespace falcon_temporary engine=falcon;

As user root (after restarting mysql client), say:
create temporary table t2 (s1 int) engine=falcon;

Observe that the CREATE fails, with error message
ERROR 1005 (HY000): Can't create table 'test.t2' (errno: 156)
[7 Aug 2007 17:53] MySQL Verification Team
Thank you for the bug report. Verified as described:

c:\dev\6.0>bin\mysql -uroot test
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 6.0.2-alpha-nt Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create temporary table t2 (s1 int) engine=falcon;
ERROR 1005 (HY000): Can't create table 'test.t2' (errno: 156)
[23 Oct 2007 20:30] Kevin Lewis
See also;  Bug#31304

>Ann wrote;
>Bug#30281 is a mess.  Yes, someone ought to manage privileges
>for tablespaces, but no, Falcon doesn't do privileges, and no, 
>the server doesn't know anything about privileges.  What we 
>ought to do is refuse to drop FALCON_MASTER, FALCON_USER, and 
>FALCON_TEMPORARY.  What we should do about privileges for 
>dropping user defined tablespaces.  I truly don't know.

>>Kostja (Konstantin Osipov) wrote;
>>OK, tablespace implementation is incomplete.
>>A tablespace should belong to the database. It should be subject
>>for privilege checks. The syntax should be done right. These all
>>are not falcon issues.
>>We will be changing these.

>Kevin Lewis wrote; 
> Kostja,
> Currently in Falcon, a tablespace may contain multiple databases, and all
> databases are split between two tablespaces, one for data and one for
> metadata.  In other words, the tablespace FALCON_DICTIONARY contains all
> metadata while data pages are either in FALCON_USER or some there
> tablespace.  FALCON_USER contains data from all databases unless specified
> otherwise.

Kostja (Konstantin Osipov) wrote;
Tablespaces are currently not present in MySQL system catalog
(mysql.* tables). I wonder whether they are backed up and restored
properly with mysqldump and/or online backup - this needs to be

Privileges is another concern, indeed. We don't currently have a
dedicated privilege bit for CREATE/ALTER/DROP TABLESPACE.

Neither we have chosen any other privilege that would cover 
them. If we decide that tablespaces are global, i.e.
do not belong to any database, we should choose or add a global

Current global-only privileges:


Other privileges can be granted globally, and then they apply to
all databases, or on database/table level.
[23 Oct 2007 23:19] Christopher Powers
StorageHandler::deleteTablespace() now rejects requests to delete system tablespaces.  Changeset 1.2673.

The larger issues of tablespace privileges is being addressed by Bug#31304.
[2 Nov 2007 14:04] Peter Gulutzan
Rejecting requests to delete system tablespaces will not fix this bug.
[30 Nov 2007 20:42] Bugs System
Pushed into 6.0.4-alpha
[21 Nov 2008 16:02] Paul DuBois
No changelog entry. CREATE TABLESPACE privilege has already been documented.