Bug #32980 ALTER TABLE can delete rows w/o DELETE_priv
Submitted: 4 Dec 2007 20:38 Modified: 14 Feb 2008 16:33
Reporter: Sergei Golubchik
Status: Won't fix
Category: MySQL Server: Security: Privileges
Severity: S3 (Non-critical)
Version:
OS: Any
Assigned to: Mattias Jonsson
CPU Architecture: Any

[4 Dec 2007 20:38] Sergei Golubchik
Description:
A user having ALTER privilege, but not DELETE privilege, can abuse it to delete some rows from the table. According to the manual ("The ALTER privilege enables you to use ALTER TABLE to change the structure of or rename tables."), it doesn't look like ALTER_priv should imply the ability to delete.

How to repeat:
grant alter on test.* to test@localhost;
create table t1 (a int);
insert t1 values (1),(1),(1);

and as test user:

alter ignore table t1 add unique (a);

Suggested fix:
First, decide whether it's intentional and what should be fixed - the manual or the code. Note the related bug#23603 and other partitioning bugs. We want a consistent behavior for ALTER in all modes.
[7 Feb 2008 4:18] Paul DuBois
I don't really see the point of this bug report. Of course if you have ALTER you can cause a table to lose data: DROP COLUMN, for example.
[14 Feb 2008 16:33] Mattias Jonsson
There will be no change in privileges for this.
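
Since the report was closed without a privilege change, ALTER has to be treated as a privilege that can remove data. The following audit query is an added example, not part of the bug report or of MySQL's own code: it lists accounts that hold ALTER at some scope without DELETE at that scope or a broader one, using the standard INFORMATION_SCHEMA privilege views. It assumes it is run from an administrative account, because unprivileged accounts see only their own rows in these views.

```sql
-- Added example: accounts holding ALTER without a matching DELETE grant.
-- Schema names in SCHEMA_PRIVILEGES may be wildcard patterns; they are
-- compared literally here, so review pattern grants by hand.

-- Global scope: ALTER on *.* without DELETE on *.*
SELECT 'global' AS grant_scope, a.GRANTEE,
       NULL AS TABLE_SCHEMA, NULL AS TABLE_NAME
FROM information_schema.USER_PRIVILEGES a
WHERE a.PRIVILEGE_TYPE = 'ALTER'
  AND NOT EXISTS (SELECT 1 FROM information_schema.USER_PRIVILEGES d
                  WHERE d.GRANTEE = a.GRANTEE
                    AND d.PRIVILEGE_TYPE = 'DELETE')
UNION ALL
-- Schema scope: ALTER on db.* without DELETE on *.* or on db.*
SELECT 'schema', a.GRANTEE, a.TABLE_SCHEMA, NULL
FROM information_schema.SCHEMA_PRIVILEGES a
WHERE a.PRIVILEGE_TYPE = 'ALTER'
  AND NOT EXISTS (SELECT 1 FROM information_schema.USER_PRIVILEGES d
                  WHERE d.GRANTEE = a.GRANTEE
                    AND d.PRIVILEGE_TYPE = 'DELETE')
  AND NOT EXISTS (SELECT 1 FROM information_schema.SCHEMA_PRIVILEGES d
                  WHERE d.GRANTEE = a.GRANTEE
                    AND d.TABLE_SCHEMA = a.TABLE_SCHEMA
                    AND d.PRIVILEGE_TYPE = 'DELETE')
UNION ALL
-- Table scope: ALTER on db.tbl without DELETE at any covering scope
SELECT 'table', a.GRANTEE, a.TABLE_SCHEMA, a.TABLE_NAME
FROM information_schema.TABLE_PRIVILEGES a
WHERE a.PRIVILEGE_TYPE = 'ALTER'
  AND NOT EXISTS (SELECT 1 FROM information_schema.USER_PRIVILEGES d
                  WHERE d.GRANTEE = a.GRANTEE
                    AND d.PRIVILEGE_TYPE = 'DELETE')
  AND NOT EXISTS (SELECT 1 FROM information_schema.SCHEMA_PRIVILEGES d
                  WHERE d.GRANTEE = a.GRANTEE
                    AND d.TABLE_SCHEMA = a.TABLE_SCHEMA
                    AND d.PRIVILEGE_TYPE = 'DELETE')
  AND NOT EXISTS (SELECT 1 FROM information_schema.TABLE_PRIVILEGES d
                  WHERE d.GRANTEE = a.GRANTEE
                    AND d.TABLE_SCHEMA = a.TABLE_SCHEMA
                    AND d.TABLE_NAME = a.TABLE_NAME
                    AND d.PRIVILEGE_TYPE = 'DELETE')
ORDER BY GRANTEE, grant_scope;
```

With the grant from the report in place, the result includes a `schema` row for `'test'@'localhost'` on `test`. Each row is an account whose ALTER grant should be reviewed as if it also allowed removing data.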