Bug #6896 Permissions problems
Submitted: 30 Nov 2004 18:25 Modified: 1 Jan 2005 21:26
Reporter: Andrew Bonney
Status: No Feedback
Category: MySQL Administrator Severity: S2 (Serious)
Version: latest OS: Windows (Win XP Pro)
Assigned to: CPU Architecture: Any

[30 Nov 2004 18:25] Andrew Bonney
Description:
If I add a new user who is able to connect from a remote computer and log into the Administrator on that remote computer, but is only able to access and edit certain databases, this works; but even without global permissions enabled, that user can edit ALL users' details, including passwords, and could conceivably lock the administrator of the system out of the server.

How to repeat:
Create a new account and give the account access to a database via schema privileges, log in through the Administrator using this new user's details, go to user administration, try to change the password of another user and apply the changes. You receive an error (select OK). Close the program (this requires selecting the discard changes button that pops up). Finally, try to log in on the account whose password this user has supposedly changed: although an error was displayed, the password has been changed.

Suggested fix:
Do not allow access to the user administration control panel to users not on localhost. Or stop users with permissions for one or two schemas from editing other users' passwords, etc.
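A server-side way to check the behaviour the report describes, independent of the GUI client, added here as an example (it is not from the bug report or from MySQL Administrator); the account name `limited`, the schema `appdb`, the passwords and the `root@localhost` target are assumptions:

```sql
-- Constructed example: account names, passwords and schema are assumptions.
-- 1. Create the schema-limited account the report describes.
CREATE DATABASE IF NOT EXISTS appdb;
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.*
    TO 'limited'@'%' IDENTIFIED BY 'example-pw';
FLUSH PRIVILEGES;

-- 2. Inspect what the server believes the account may do. The expected
--    output shows only USAGE at the global level plus the appdb.* grant.
SHOW GRANTS FOR 'limited'@'%';

-- 3. Connected as 'limited'@'%' (mysql -u limited -p -h <server>), repeat
--    the change the GUI appeared to accept. Without write access to the
--    mysql schema the server must refuse this with an access-denied error,
--    whichever client submits it.
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('changed-by-limited');

-- 4. Back as an administrator, confirm the grant tables were not touched
--    and audit who can rewrite them at all, globally or via the mysql schema.
SELECT user, host FROM mysql.user
 WHERE Insert_priv = 'Y' OR Update_priv = 'Y' OR Grant_priv = 'Y';
SELECT user, host, db FROM mysql.db
 WHERE db = 'mysql' AND (Insert_priv = 'Y' OR Update_priv = 'Y');
```

If step 3 succeeds or the audit in step 4 lists `limited`, the problem is in the server's grants rather than in the client.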
[1 Dec 2004 17:03] MySQL Verification Team
Hi,

Thank you for the report, but I can't reproduce it.
Exactly which version of MySQL Administrator do you use?
[1 Dec 2004 21:26] Andrew Bonney
I am keeping an eye on this. I tried exactly the same thing again and this time the user couldn't edit other users' passwords. I will be carrying out extensive testing before I implement this solution, but the bug appears fixed.
[14 Feb 2005 22:54] Bugs System
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".