Bug #85302 | Dropping a proxied user does not revoke the proxies on that user | ||
---|---|---|---|
Submitted: | 4 Mar 2017 1:47 | Modified: | 9 Mar 2017 10:12 |
Reporter: | monty solomon | Email Updates: | |
Status: | Not a Bug | Impact on me: | |
Category: | MySQL Server: Security: Privileges | Severity: | S3 (Non-critical) |
Version: | OS: | Any | |
Assigned to: | CPU Architecture: | Any |
[4 Mar 2017 1:47]
monty solomon
[6 Mar 2017 9:37]
Georgi Kodinov
PROXY is (the only) privilege that has a user account as its object. We generally don't drop privilege grants when dropping the object. And we don't do that for a good reason. I.e. if you have a complex grant structure and you want to restore your table you won't have to restore all grants to it too. So I'd say that it's expected, consistent behavior. E.g. check DROP TABLE on a recent 5.7: mysql> create table haha.t1(a int); -------------- create table haha.t1(a int) -------------- Query OK, 0 rows affected (0.03 sec) mysql> create user hoho@localhost; -------------- create user hoho@localhost -------------- Query OK, 0 rows affected (0.01 sec) mysql> grant all privileges on haha.t1 to hoho@localhost; -------------- grant all privileges on haha.t1 to hoho@localhost -------------- Query OK, 0 rows affected (0.00 sec) mysql> select * from mysql.tables_priv where table_name='t1'\G -------------- select * from mysql.tables_priv where table_name='t1' -------------- *************************** 1. row *************************** Host: localhost Db: haha User: hoho Table_name: t1 Grantor: root@localhost Timestamp: 0000-00-00 00:00:00 Table_priv: Select,Insert,Update,Delete,Create,Drop,References,Index,Alter,Create View,Show view,Trigger Column_priv: 1 row in set (0.00 sec) mysql> drop table haha.t1; -------------- drop table haha.t1 -------------- Query OK, 0 rows affected (0.02 sec) mysql> select * from mysql.tables_priv where table_name='t1'\G -------------- select * from mysql.tables_priv where table_name='t1' -------------- *************************** 1. row *************************** Host: localhost Db: haha User: hoho Table_name: t1 Grantor: root@localhost Timestamp: 0000-00-00 00:00:00 Table_priv: Select,Insert,Update,Delete,Create,Drop,References,Index,Alter,Create View,Show view,Trigger Column_priv: 1 row in set (0.00 sec)
[9 Mar 2017 10:12]
MySQL Verification Team
Hello monty, Thank you for the report. As Joro pointed out in his previous note, this is an expected and consistent behavior. Marking this as !Bug. Thanks, Umesh