Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.3.1
-
None
Description
A user with only the SELECT privilege cannot use NEXTVAL (understandably, which requires the INSERT privilege), but can ALTER the sequence.
SHOW GRANTS FOR CURRENT_USER();
|
+-----------------------------------------------------------------------------------------------------------+
|
| Grants for s@localhost |
|
+-----------------------------------------------------------------------------------------------------------+
|
| GRANT SELECT ON *.* TO 's'@'localhost' IDENTIFIED BY PASSWORD '*7B9EBEED26AA52ED10C0F549FA863F13C39E0209' |
|
+-----------------------------------------------------------------------------------------------------------+
|
1 row in set (0.000 sec)
|
|
|
SELECT NEXTVAL(s5);
|
ERROR 1142 (42000): INSERT command denied to user 's'@'localhost' for table 's5'
|
|
|
ALTER SEQUENCE s5 RESTART 50;
|
Query OK, 0 rows affected (0.000 sec)
|
Attachments
Issue Links
- is part of
-
MDEV-10139 Support for SEQUENCE objects
-
- Closed
-
- relates to
-
MDEV-13717
Document permissions required to work with sequences
-
- Closed
-
Activity
| Field | Original Value | New Value |
|---|---|---|
| Link |
This issue relates to |
| Component/s | Authentication and Privilege System [ 13101 ] | |
| Fix Version/s | 10.3 [ 22126 ] | |
| Assignee | Michael Widenius [ monty ] |
| Status | Open [ 1 ] | In Progress [ 3 ] |
| Priority | Major [ 3 ] | Critical [ 2 ] |
| Fix Version/s | 10.3.5 [ 22905 ] | |
| Fix Version/s | 10.3 [ 22126 ] | |
| Resolution | Fixed [ 1 ] | |
| Status | In Progress [ 3 ] | Closed [ 6 ] |
| Link |
This issue is part of |
| Workflow | MariaDB v3 [ 82398 ] | MariaDB v4 [ 152770 ] |