[MDEV-13732] User with SELECT privilege can ALTER sequence - Jira

A user with only the SELECT privilege cannot use NEXTVAL (understandably, which requires the INSERT privilege), but can ALTER the sequence.

SHOW GRANTS FOR CURRENT_USER();

+-----------------------------------------------------------------------------------------------------------+

| Grants for s@localhost                                                                                    |

+-----------------------------------------------------------------------------------------------------------+

| GRANT SELECT ON *.* TO 's'@'localhost' IDENTIFIED BY PASSWORD '*7B9EBEED26AA52ED10C0F549FA863F13C39E0209' |

+-----------------------------------------------------------------------------------------------------------+

1 row in set (0.000 sec)

SELECT NEXTVAL(s5);

ERROR 1142 (42000): INSERT command denied to user 's'@'localhost' for table 's5'

ALTER SEQUENCE s5 RESTART 50;

Query OK, 0 rows affected (0.000 sec)

is part of

MDEV-10139 Support for SEQUENCE objects

relates to

MDEV-13717 Document permissions required to work with sequences

Transition	Time In Source Status	Execution Times

Michael Widenius made transition - 2017-09-04 14:56

Open

In Progress

2h 57m

Michael Widenius made transition - 2018-02-14 14:44

In Progress

Closed

162d 23h 47m

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server