| Bug #3102 | SET PASSWORD command executed by users | ||
|---|---|---|---|
| Submitted: | 8 Mar 2004 3:01 | Modified: | 8 Mar 2004 8:14 |
| Reporter: | [ name withheld ] | Email Updates: | |
| Status: | Can't repeat | Impact on me: | |
| Category: | MySQL Server: User-defined functions ( UDF ) | Severity: | S2 (Serious) |
| Version: | 4.0.12 | OS: | Linux (linux suse 8.2) |
| Assigned to: | Dean Ellis | CPU Architecture: | Any |
[8 Mar 2004 8:14]
Dean Ellis
I cannot repeat this with 4.0.19. There have been many changes since 4.0.12; please update this if you see such behavior with a current release.
Description: On mysql 4.0.12 users (!= root) are not able to change their own password. comments: in my example (in the part "How to repeat") -user "dummy" is only one (no more other users like "*dummy*"); -the database "test_dummy" is only one; - the command SELECT CURRENT_USER() started by "dummy" returns: mysql> SELECT CURRENT_USER(); >+--------------------+ >| CURRENT_USER() | >+--------------------+ >| dummy@<host_ip> | >+--------------------+ >1 row in set (0.01 sec) were <host_ip> is my entry. Best Regards, Bogdan How to repeat: example: 1. as mysql root: mysql> create database test_dummy; mysql> grant all on test_dummy.* to dummy; mysql> set password for 'dummy'=password('testpass'); mysql> flush privileges; mysql> exit 2. as user dummy: mysql> set password=password('testpass1'); >ERROR 1044: Access denied for user: 'dummy@'<host_ip>' to database 'mysql' where <host_ip> is my change