Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-24450

GRANT privileges does not work properly

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Critical
    • Resolution: Not a Bug
    • 5.5
    • N/A
    • 5.5.68-MariaDB MariaDB Server
      operating system: CentOS Linux release 7.9.2009 (Core)
      package: mariadb-server.x86_64 1:5.5.68-1.el7

    Description

      +-----------------------------------------------------------------------------------------------------------+
      | Grants for u1@localhost                                                                                   |
      +-----------------------------------------------------------------------------------------------------------+
      | GRANT USAGE ON *.* TO 'u1'@'localhost' IDENTIFIED BY PASSWORD '*15E297D3F78F9D76C6F45AE33FB6E74D335B52F2' |
      | GRANT SELECT ON `testDB`.`myTable` TO 'u1'@'localhost'                                         |
      +-----------------------------------------------------------------------------------------------------------+
      

      User 'u1'@'localhost' defined above should have access only to the single table "myTable" in the db "testDB" and shoud be able to use only SELECT command.
      Unfortunately such user have access to all existing dabases (except mysql, performance_schema) and can use any SQL command on all existing databases and their tables (even DROP TABLE and DROP DATABASE are allowed). This behaviour is quite strange and I suppose it is a security bug.

      NOTE: I tried the same GRANT settings on 10.3.17-MariaDB MariaDB Server installed on CentOS Linux release 8.3.2011 and there everything works properly as I would expect. User have access only to the single table and can use only SELECT command.

      Attachments

        Activity

          People

            Unassigned Unassigned
            Beran Filip Beran
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.