Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
1815e2de
Commit
1815e2de
authored
Jun 09, 2002
by
monty@hundin.mysql.fi
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixed privilege check problem with SELECT ... INTO OUTFILE
parent
a4ad0d5d
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
37 additions
and
22 deletions
+37
-22
sql/sql_parse.cc
sql/sql_parse.cc
+4
-12
tests/grant.pl
tests/grant.pl
+19
-3
tests/grant.res
tests/grant.res
+14
-7
No files found.
sql/sql_parse.cc
View file @
1815e2de
...
...
@@ -2494,7 +2494,7 @@ check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
*
save_priv
=
thd
->
master_access
;
return
FALSE
;
}
if
((
want_access
&
~
thd
->
master_access
)
&
~
(
DB_ACLS
|
EXTRA_ACL
)
||
if
((
(
want_access
&
~
thd
->
master_access
)
&
~
(
DB_ACLS
|
EXTRA_ACL
)
)
||
!
db
&&
dont_check_global_grants
)
{
// We can never grant this
if
(
!
no_errors
)
...
...
@@ -2513,7 +2513,8 @@ check_access(THD *thd,uint want_access,const char *db, uint *save_priv,
thd
->
priv_user
,
db
);
/* purecov: inspected */
else
db_access
=
thd
->
db_access
;
want_access
&=
~
EXTRA_ACL
;
// Remove SHOW attribute
// Remove SHOW attribute and access rights we already have
want_access
&=
~
(
thd
->
master_access
|
EXTRA_ACL
);
db_access
=
((
*
save_priv
=
(
db_access
|
thd
->
master_access
))
&
want_access
);
/* grant_option is set if there exists a single table or column grant */
...
...
@@ -2567,17 +2568,8 @@ check_table_access(THD *thd,uint want_access,TABLE_LIST *tables,
}
else
if
(
check_access
(
thd
,
want_access
,
tables
->
db
,
&
tables
->
grant
.
privilege
,
0
,
no_errors
|
grant_option
))
{
if
(
grant_option
)
{
if
(
check_access
(
thd
,
want_access
&
(
uint
)
~
TABLE_ACLS
,
tables
->
db
,
&
tables
->
grant
.
privilege
,
0
,
no_errors
))
return
TRUE
;
}
else
return
TRUE
;
}
}
if
(
grant_option
)
return
check_grant
(
thd
,
want_access
&
~
EXTRA_ACL
,
org_tables
,
test
(
want_access
&
EXTRA_ACL
),
no_errors
);
...
...
tests/grant.pl
View file @
1815e2de
...
...
@@ -10,7 +10,8 @@ use strict;
use
vars
qw($dbh $user_dbh $opt_help $opt_Information $opt_force $opt_debug
$opt_verbose $opt_server $opt_root_user $opt_password $opt_user
$opt_database $opt_host $version $user $tables_cols $columns_cols)
;
$opt_database $opt_host $version $user $tables_cols $columns_cols
$tmp_table)
;
$version
=
"
1.0
";
$opt_help
=
$opt_Information
=
$opt_force
=
$opt_debug
=
$opt_verbose
=
0
;
...
...
@@ -35,6 +36,7 @@ $|=1;
$tables_cols
=
"
Host, Db, User, Table_name, Grantor, Table_priv, Column_priv
";
$columns_cols
=
"
Host, Db, User, Table_name, Column_name, Column_priv
";
$tmp_table
=
"
/tmp/grant-$$.test
";
#
# clear grant tables
...
...
@@ -294,6 +296,7 @@ safe_query("select $tables_cols from mysql.tables_priv");
safe_query
("
revoke ALL PRIVILEGES on
$opt_database
.test from
$user
");
safe_query
("
select
$tables_cols
from mysql.tables_priv
");
safe_query
("
revoke GRANT OPTION on
$opt_database
.test from
$user
",
1
);
#
# Test grants on database level
#
...
...
@@ -387,11 +390,24 @@ safe_query("grant ALL PRIVILEGES on $opt_database.test to $user identified by 'd
user_connect
(
0
,"
dummy
");
safe_query
("
grant SELECT on
$opt_database
.* to
$user
identified by ''
");
user_connect
(
0
);
safe_query
("
revoke SELECT on
$opt_database
.* from
$user
identified by ''
");
#
# Test bug reported in SELECT INTO OUTFILE
#
safe_query
("
create table
$opt_database
.test3 (a int)
");
safe_query
("
grant SELECT on
$opt_database
.test3 to
$user
");
safe_query
("
grant FILE on *.* to
$user
");
safe_query
("
insert into
$opt_database
.test3 values (1)
");
user_connect
(
0
);
user_query
("
select * into outfile '
$tmp_table
' from
$opt_database
.test3
");
#
# Clean up things
#
unlink
(
$tmp_table
);
safe_query
("
drop database
$opt_database
");
safe_query
("
delete from user where user='
$opt_user
'
");
safe_query
("
delete from db where user='
$opt_user
'
");
...
...
tests/grant.res
View file @
1815e2de
...
...
@@ -19,7 +19,7 @@ Access denied for user: 'grant_user@localhost' (Using password: NO)
set password FOR grant_user=''
Connecting grant_user
select * from mysql.user where user = 'grant_user'
localhost grant_user Y N N N N N N N N N N N N N
localhost grant_user Y N N N N N N N N N N N N N
NONE
select * from mysql.db where user = 'grant_user'
grant select on *.* to grant_user@localhost,grant_user@localhost
...
...
@@ -48,7 +48,7 @@ Error in execute: The host or user argument to GRANT is too long
grant select on grant_test.test to grant_user with grant option
Error in execute: grant command denied to user: 'grant_user@localhost' for table 'test'
set password FOR ''@''=''
Error in execute:
You are using MySQL as an anonymous users and anonymous users are not allowed to change passwords
Error in execute:
Can't find any matching row in the user table
set password FOR root@localhost = password('test')
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql'
revoke select on *.* from grant_user@localhost
...
...
@@ -93,7 +93,7 @@ delete from user where user='grant_user'
flush privileges
grant select on grant_test.* to grant_user@localhost
select * from mysql.user where user = 'grant_user'
localhost grant_user N N N N N N N N N N N N N N
localhost grant_user N N N N N N N N N N N N N N
NONE
select * from mysql.db where user = 'grant_user'
localhost grant_test grant_user Y N N N N N N N N N
...
...
@@ -152,7 +152,7 @@ insert into mysql.user (host,user) values ('error','grant_user',0)
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql'
revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost
select * from mysql.user where user = 'grant_user'
localhost grant_user N N N N N N N N N N N N N N
localhost grant_user N N N N N N N N N N N N N N
NONE
select * from mysql.db where user = 'grant_user'
Connecting grant_user
...
...
@@ -311,7 +311,7 @@ revoke GRANT OPTION on grant_test.test from grant_user@localhost
Error in execute: There is no such grant defined for user 'grant_user' on host 'localhost' on table 'test'
grant select(a) on grant_test.test to grant_user@localhost
show columns from test
a int(11) YES NULL
select
a int(11) YES NULL
b int(11) YES NULL
grant insert (b), update (b) on grant_test.test to grant_user@localhost
...
...
@@ -437,6 +437,13 @@ grant ALL PRIVILEGES on grant_test.test to grant_user@localhost identified by 'd
Connecting grant_user
grant SELECT on grant_test.* to grant_user@localhost identified by ''
Connecting grant_user
revoke SELECT on grant_test.* from grant_user@localhost identified by ''
create table grant_test.test3 (a int)
grant SELECT on grant_test.test3 to grant_user@localhost
grant FILE on *.* to grant_user@localhost
insert into grant_test.test3 values (1)
Connecting grant_user
select * into outfile '/tmp/grant-11047.test' from grant_test.test3
drop database grant_test
delete from user where user='grant_user'
delete from db where user='grant_user'
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment