Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-13732

User with SELECT privilege can ALTER sequence

    XMLWordPrintable

    Details

      Description

      A user with only the SELECT privilege cannot use NEXTVAL (understandably, which requires the INSERT privilege), but can ALTER the sequence.

      SHOW GRANTS FOR CURRENT_USER();
      +-----------------------------------------------------------------------------------------------------------+
      | Grants for s@localhost                                                                                    |
      +-----------------------------------------------------------------------------------------------------------+
      | GRANT SELECT ON *.* TO 's'@'localhost' IDENTIFIED BY PASSWORD '*7B9EBEED26AA52ED10C0F549FA863F13C39E0209' |
      +-----------------------------------------------------------------------------------------------------------+
      1 row in set (0.000 sec)
       
      SELECT NEXTVAL(s5);
      ERROR 1142 (42000): INSERT command denied to user 's'@'localhost' for table 's5'
       
      ALTER SEQUENCE s5 RESTART 50;
      Query OK, 0 rows affected (0.000 sec)
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              monty Michael Widenius
              Reporter:
              greenman Ian Gilfillan
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: