Bug #70114 | MySQL Permissions - Renaming a TEMPORARY table requires DROP privilege | ||
---|---|---|---|
Submitted: | 22 Aug 2013 1:38 | Modified: | 22 Aug 2013 8:18 |
Reporter: | Josh Engman | Email Updates: | |
Status: | Verified | Impact on me: | |
Category: | MySQL Server: Security: Privileges | Severity: | S3 (Non-critical) |
Version: | 5.1.61, 5.1.71, 5.5.33, 5.6.13, 5.7.2-m12 | OS: | Any |
Assigned to: | CPU Architecture: | Any | |
Tags: | permission mysql drop temporary |
[22 Aug 2013 1:38]
Josh Engman
[22 Aug 2013 2:25]
Josh Engman
I forgot to mention that the main reason I feel this is a bug (and does not fall under the umbrella of TEMPORARY tables requiring permission on the underlying table) is that MySQL specifically returns an error that the "DROP" permission is required, but you don't need the DROP permission to DROP a TEMPORARY table. So I can CREATE TEMPORARY TABLE test1(id int); DROP TEMPORARY TABLE test1; without issue.
[22 Aug 2013 8:18]
MySQL Verification Team
Hello Josh, Thank you for the bug report. Verified as described. Thanks, Umesh