Description:
When using MySQL 4.1 with old passwords and an old (pre-4.1) client,
authentication fails in odd ways if multiple users or databases have names of
the same length.
I have tested this when using MySQL 4.1 server on Linux and the Windows binary
distribution of MySQL Control Center client 0.9.2, and with the MySQL client
version 3.23.49 on NetBSD. The server was configured with the following
options: --prefix=/usr/local/mysql --with-extra-charsets=all
The problems which occur when using an old client are not clearly
defined, but some of the problems I observed are:
-When logged in as fusio, you can access both databases fusio and aaaaa
and vice versa
-When logged in as fusio or aaaaa you cannot access either database
This seems rather serious, as users can incorrectly access other users'
databases.
When the only databases and users that exist have names with different
lengths, (e.g. aaaaa and aaaaaa) the problem does not seem to occur.
The problems do not occur when using the MySQL 4.1 client and when using old
or new passwords.
How to repeat:
To set up my test case, install MySQL 4.1, run mysql_install_db, run the server
with mysqld_safe --skip-innodb , run the mysql 4.1 client and issue the
following commands:
use mysql
grant all on aaaaa.* to aaaaa identified by 'foo';
grant all on fusio.* to fusio identified by 'foo';
update user set Password=old_password('foo') where User='aaaaa';
update user set Password=old_password('foo') where User='fusio';
flush privileges;
To test, run an old MySQL client like this:
mysql -u fusio -p
or
mysql -u aaaaa -p
then try:
create database fusio;
create database aaaaa;
Or try the same operations using the Windows binary distribution of MySQL
Control Center version 0.9.2
Depending on how it failed, neither or both of the above will work.
Running flush privileges *while a user is logged in* seems to modify
the way in which it fails sometimes.
I can answer any questions or provide a MySQL server on the internet that
exhibits the problem if asked. My email address is
Mario Becroft <mb@gem.win.co.nz>
Suggested fix:
Not known.
Description: When using MySQL 4.1 with old passwords and an old (pre-4.1) client, authentication fails in odd ways if multiple users or databases have names of the same length. I have tested this when using MySQL 4.1 server on Linux and the Windows binary distribution of MySQL Control Center client 0.9.2, and with the MySQL client version 3.23.49 on NetBSD. The server was configured with the following options: --prefix=/usr/local/mysql --with-extra-charsets=all The problems which occur when using an old client are not clearly defined, but some of the problems I observed are: -When logged in as fusio, you can access both databases fusio and aaaaa and vice versa -When logged in as fusio or aaaaa you cannot access either database This seems rather serious, as users can incorrectly access other users' databases. When the only databases and users that exist have names with different lengths, (e.g. aaaaa and aaaaaa) the problem does not seem to occur. The problems do not occur when using the MySQL 4.1 client and when using old or new passwords. How to repeat: To set up my test case, install MySQL 4.1, run mysql_install_db, run the server with mysqld_safe --skip-innodb , run the mysql 4.1 client and issue the following commands: use mysql grant all on aaaaa.* to aaaaa identified by 'foo'; grant all on fusio.* to fusio identified by 'foo'; update user set Password=old_password('foo') where User='aaaaa'; update user set Password=old_password('foo') where User='fusio'; flush privileges; To test, run an old MySQL client like this: mysql -u fusio -p or mysql -u aaaaa -p then try: create database fusio; create database aaaaa; Or try the same operations using the Windows binary distribution of MySQL Control Center version 0.9.2 Depending on how it failed, neither or both of the above will work. Running flush privileges *while a user is logged in* seems to modify the way in which it fails sometimes. I can answer any questions or provide a MySQL server on the internet that exhibits the problem if asked. My email address is Mario Becroft <mb@gem.win.co.nz> Suggested fix: Not known.