Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-24450

GRANT privileges does not work properly

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Critical
    • Resolution: Not a Bug
    • Affects Version/s: 5.5
    • Fix Version/s: N/A
    • Labels:
    • Environment:
      5.5.68-MariaDB MariaDB Server
      operating system: CentOS Linux release 7.9.2009 (Core)
      package: mariadb-server.x86_64 1:5.5.68-1.el7

      Description

      +-----------------------------------------------------------------------------------------------------------+
      | Grants for u1@localhost                                                                                   |
      +-----------------------------------------------------------------------------------------------------------+
      | GRANT USAGE ON *.* TO 'u1'@'localhost' IDENTIFIED BY PASSWORD '*15E297D3F78F9D76C6F45AE33FB6E74D335B52F2' |
      | GRANT SELECT ON `testDB`.`myTable` TO 'u1'@'localhost'                                         |
      +-----------------------------------------------------------------------------------------------------------+
      

      User 'u1'@'localhost' defined above should have access only to the single table "myTable" in the db "testDB" and shoud be able to use only SELECT command.
      Unfortunately such user have access to all existing dabases (except mysql, performance_schema) and can use any SQL command on all existing databases and their tables (even DROP TABLE and DROP DATABASE are allowed). This behaviour is quite strange and I suppose it is a security bug.

      NOTE: I tried the same GRANT settings on 10.3.17-MariaDB MariaDB Server installed on CentOS Linux release 8.3.2011 and there everything works properly as I would expect. User have access only to the single table and can use only SELECT command.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            Beran Filip Beran
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration