The following test case shows that mysql.tables_priv is wrongly populated
create user foo;
create database some_db;
create table some_db.t1 (a int , b int , secret int );
create role r_select_column;
create role r_active_column;
grant r_select_column to r_active_column;
grant r_active_column to foo;
grant select (a) on some_db.t1 to r_select_column;
select * from mysql.tables_priv order by user ;
Host Db User Table_name Grantor Timestamp Table_priv Column_priv
some_db r_select_column t1 root@localhost 0000-00-00 00:00:00 Select
grant insert (a) on some_db.t1 to r_active_column;
select * from mysql.tables_priv order by user ;
Host Db User Table_name Grantor Timestamp Table_priv Column_priv
some_db r_active_column t1 root@localhost 0000-00-00 00:00:00 Select , Insert
some_db r_select_column t1 root@localhost 0000-00-00 00:00:00 Select
-- There shouldn't be `Select` priv stored in Column_priv for r_active_column!
The cause of this bug is the mixing of GRANT_TABLE::cols and GRANT_TABLE::init_cols within the mysql_table_grant function.
There is a similar bug for GRANT_COLUMN::rights and GRANT_COLUMN::init_rights .
made changes -
2022-09-05 10:11
Field
Original Value
New Value
Assignee
Vicențiu Ciorbaru
[ cvicentiu
]
made changes -
2022-09-05 10:37
Description
The following test case shows that mysql.tables_priv is wrongly populated
root@localhost 0000-00-00 00:00:00 Select
root@localhost 0000-00-00 00:00:00 Insert
root@localhost 0000-00-00 00:00:00 Select, Insert
made changes -
2022-09-05 11:18
Description
The following test case shows that mysql.tables_priv is wrongly populated
root@localhost 0000-00-00 00:00:00 Select
root@localhost 0000-00-00 00:00:00 Insert
root@localhost 0000-00-00 00:00:00 Select, Insert
The following test case shows that mysql.tables_priv is wrongly populated
root@localhost 0000-00-00 00:00:00 Select
root@localhost 0000-00-00 00:00:00 Select, Insert
root@localhost 0000-00-00 00:00:00 Select
made changes -
2022-09-05 11:18
Assignee
Vicențiu Ciorbaru
[ cvicentiu
]
Sergei Golubchik
[ serg
]
Status
In Progress
[ 3
]
In Review
[ 10002
]
made changes -
2022-09-05 13:46
Priority
Major
[ 3
]
Critical
[ 2
]
made changes -
2022-09-09 12:50
Fix Version/s
10.4
[ 22408
]
Fix Version/s
10.5
[ 23123
]
Fix Version/s
10.6
[ 24028
]
Fix Version/s
10.7
[ 24805
]
Fix Version/s
10.8
[ 26121
]
Fix Version/s
10.9
[ 26905
]
made changes -
2022-09-12 20:45
Assignee
Sergei Golubchik
[ serg
]
Vicențiu Ciorbaru
[ cvicentiu
]
Status
In Review
[ 10002
]
Stalled
[ 10000
]
made changes -
2022-09-14 11:50
Fix Version/s
10.3.37
[ 28404
]
Fix Version/s
10.4.27
[ 28405
]
Fix Version/s
10.5.18
[ 28421
]
Fix Version/s
10.6.10
[ 28407
]
Fix Version/s
10.7.6
[ 28408
]
Fix Version/s
10.8.5
[ 28308
]
Fix Version/s
10.9.3
[ 28409
]
Fix Version/s
10.3
[ 22126
]
Fix Version/s
10.4
[ 22408
]
Fix Version/s
10.5
[ 23123
]
Fix Version/s
10.6
[ 24028
]
Fix Version/s
10.7
[ 24805
]
Fix Version/s
10.8
[ 26121
]
Fix Version/s
10.9
[ 26905
]
Resolution
Fixed
[ 1
]
Status
Stalled
[ 10000
]
Closed
[ 6
]
made changes -
2022-09-14 18:19
Fix Version/s
10.6.11
[ 28441
]
Fix Version/s
10.7.7
[ 28442
]
Fix Version/s
10.8.6
[ 28443
]
Fix Version/s
10.9.4
[ 28444
]
Fix Version/s
10.8.5
[ 28308
]
Fix Version/s
10.6.10
[ 28407
]
Fix Version/s
10.7.6
[ 28408
]
Fix Version/s
10.9.3
[ 28409
]
{"report":{"fcp":1345.1999998092651,"ttfb":657.3999996185303,"pageVisibility":"visible","entityId":114444,"key":"jira.project.issue.view-issue","isInitial":true,"threshold":1000,"elementTimings":{},"userDeviceMemory":8,"userDeviceProcessors":64,"apdex":0.5,"journeyId":"fe6424f7-cc67-405e-9c16-b4eed7465d70","navigationType":0,"readyForUser":1425.1999998092651,"redirectCount":0,"resourceLoadedEnd":1520.0999994277954,"resourceLoadedStart":664.0999994277954,"resourceTiming":[{"duration":197.69999980926514,"initiatorType":"link","name":"https://jira.mariadb.org/s/2c21342762a6a02add1c328bed317ffd-CDN/lu2cib/820016/12ta74/0a8bac35585be7fc6c9cc5a0464cd4cf/_/download/contextbatch/css/_super/batch.css","startTime":664.0999994277954,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":664.0999994277954,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":861.7999992370605,"responseStart":0,"secureConnectionStart":0},{"duration":197.69999980926514,"initiatorType":"link","name":"https://jira.mariadb.org/s/7ebd35e77e471bc30ff0eba799ebc151-CDN/lu2cib/820016/12ta74/2bf333562ca6724060a9d5f1535471f6/_/download/contextbatch/css/jira.browse.project,project.issue.navigator,jira.view.issue,jira.general,jira.global,atl.general,-_super/batch.css?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&slack-enabled=true","startTime":664.3999996185303,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":664.3999996185303,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":862.0999994277954,"responseStart":0,"secureConnectionStart":0},{"duration":219.5,"initiatorType":"script","name":"https://jira.mariadb.org/s/0917945aaa57108d00c5076fea35e069-CDN/lu2cib/820016/12ta74/0a8bac35585be7fc6c9cc5a0464cd4cf/_/download/contextbatch/js/_super/batch.js?locale=en","startTime":664.5,"connectEnd":664.5,"connectStart":664.5,"domainLookupEnd":664.5,"domainLookupStart":664.5,"fetchStart":664.5,"redirectEnd":0,"redirectStart":0,"requestStart":664.5,"responseEnd":884,"responseStart":884,"secureConnectionStart":664.5},{"duration":273.3999996185303,"initiatorType":"script","name":"https://jira.mariadb.org/s/2d8175ec2fa4c816e8023260bd8c1786-CDN/lu2cib/820016/12ta74/2bf333562ca6724060a9d5f1535471f6/_/download/contextbatch/js/jira.browse.project,project.issue.navigator,jira.view.issue,jira.general,jira.global,atl.general,-_super/batch.js?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&locale=en&slack-enabled=true","startTime":664.6999998092651,"connectEnd":664.6999998092651,"connectStart":664.6999998092651,"domainLookupEnd":664.6999998092651,"domainLookupStart":664.6999998092651,"fetchStart":664.6999998092651,"redirectEnd":0,"redirectStart":0,"requestStart":664.6999998092651,"responseEnd":938.0999994277954,"responseStart":938.0999994277954,"secureConnectionStart":664.6999998092651},{"duration":277.1000003814697,"initiatorType":"script","name":"https://jira.mariadb.org/s/a9324d6758d385eb45c462685ad88f1d-CDN/lu2cib/820016/12ta74/c92c0caa9a024ae85b0ebdbed7fb4bd7/_/download/contextbatch/js/atl.global,-_super/batch.js?locale=en","startTime":664.8999996185303,"connectEnd":664.8999996185303,"connectStart":664.8999996185303,"domainLookupEnd":664.8999996185303,"domainLookupStart":664.8999996185303,"fetchStart":664.8999996185303,"redirectEnd":0,"redirectStart":0,"requestStart":664.8999996185303,"responseEnd":942,"responseStart":942,"secureConnectionStart":664.8999996185303},{"duration":277.4000005722046,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2cib/820016/12ta74/1.0/_/download/batch/jira.webresources:calendar-en/jira.webresources:calendar-en.js","startTime":665.0999994277954,"connectEnd":665.0999994277954,"connectStart":665.0999994277954,"domainLookupEnd":665.0999994277954,"domainLookupStart":665.0999994277954,"fetchStart":665.0999994277954,"redirectEnd":0,"redirectStart":0,"requestStart":665.0999994277954,"responseEnd":942.5,"responseStart":942.5,"secureConnectionStart":665.0999994277954},{"duration":277.69999980926514,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2cib/820016/12ta74/1.0/_/download/batch/jira.webresources:calendar-localisation-moment/jira.webresources:calendar-localisation-moment.js","startTime":665.1999998092651,"connectEnd":665.1999998092651,"connectStart":665.1999998092651,"domainLookupEnd":665.1999998092651,"domainLookupStart":665.1999998092651,"fetchStart":665.1999998092651,"redirectEnd":0,"redirectStart":0,"requestStart":665.1999998092651,"responseEnd":942.8999996185303,"responseStart":942.8999996185303,"secureConnectionStart":665.1999998092651},{"duration":362.5999994277954,"initiatorType":"link","name":"https://jira.mariadb.org/s/b04b06a02d1959df322d9cded3aeecc1-CDN/lu2cib/820016/12ta74/a2ff6aa845ffc9a1d22fe23d9ee791fc/_/download/contextbatch/css/jira.global.look-and-feel,-_super/batch.css","startTime":665.5,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":665.5,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":1028.0999994277954,"responseStart":0,"secureConnectionStart":0},{"duration":277.80000019073486,"initiatorType":"script","name":"https://jira.mariadb.org/rest/api/1.0/shortcuts/820016/47140b6e0a9bc2e4913da06536125810/shortcuts.js?context=issuenavigation&context=issueaction","startTime":665.5999994277954,"connectEnd":665.5999994277954,"connectStart":665.5999994277954,"domainLookupEnd":665.5999994277954,"domainLookupStart":665.5999994277954,"fetchStart":665.5999994277954,"redirectEnd":0,"redirectStart":0,"requestStart":665.5999994277954,"responseEnd":943.3999996185303,"responseStart":943.3999996185303,"secureConnectionStart":665.5999994277954},{"duration":362.30000019073486,"initiatorType":"link","name":"https://jira.mariadb.org/s/3ac36323ba5e4eb0af2aa7ac7211b4bb-CDN/lu2cib/820016/12ta74/d176f0986478cc64f24226b3d20c140d/_/download/contextbatch/css/com.atlassian.jira.projects.sidebar.init,-_super,-project.issue.navigator,-jira.view.issue/batch.css?jira.create.linked.issue=true","startTime":665.7999992370605,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":665.7999992370605,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":1028.0999994277954,"responseStart":0,"secureConnectionStart":0},{"duration":278.19999980926514,"initiatorType":"script","name":"https://jira.mariadb.org/s/5d5e8fe91fbc506585e83ea3b62ccc4b-CDN/lu2cib/820016/12ta74/d176f0986478cc64f24226b3d20c140d/_/download/contextbatch/js/com.atlassian.jira.projects.sidebar.init,-_super,-project.issue.navigator,-jira.view.issue/batch.js?jira.create.linked.issue=true&locale=en","startTime":665.8999996185303,"connectEnd":665.8999996185303,"connectStart":665.8999996185303,"domainLookupEnd":665.8999996185303,"domainLookupStart":665.8999996185303,"fetchStart":665.8999996185303,"redirectEnd":0,"redirectStart":0,"requestStart":665.8999996185303,"responseEnd":944.0999994277954,"responseStart":944.0999994277954,"secureConnectionStart":665.8999996185303},{"duration":616.1999998092651,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2cib/820016/12ta74/1.0/_/download/batch/jira.webresources:bigpipe-js/jira.webresources:bigpipe-js.js","startTime":666.8999996185303,"connectEnd":666.8999996185303,"connectStart":666.8999996185303,"domainLookupEnd":666.8999996185303,"domainLookupStart":666.8999996185303,"fetchStart":666.8999996185303,"redirectEnd":0,"redirectStart":0,"requestStart":666.8999996185303,"responseEnd":1283.0999994277954,"responseStart":1283,"secureConnectionStart":666.8999996185303},{"duration":834.3000001907349,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2cib/820016/12ta74/1.0/_/download/batch/jira.webresources:bigpipe-init/jira.webresources:bigpipe-init.js","startTime":671.0999994277954,"connectEnd":671.0999994277954,"connectStart":671.0999994277954,"domainLookupEnd":671.0999994277954,"domainLookupStart":671.0999994277954,"fetchStart":671.0999994277954,"redirectEnd":0,"redirectStart":0,"requestStart":671.0999994277954,"responseEnd":1505.3999996185303,"responseStart":1505.3999996185303,"secureConnectionStart":671.0999994277954},{"duration":244.30000019073486,"initiatorType":"xmlhttprequest","name":"https://jira.mariadb.org/rest/webResources/1.0/resources","startTime":1039.7999992370605,"connectEnd":1039.7999992370605,"connectStart":1039.7999992370605,"domainLookupEnd":1039.7999992370605,"domainLookupStart":1039.7999992370605,"fetchStart":1039.7999992370605,"redirectEnd":0,"redirectStart":0,"requestStart":1039.7999992370605,"responseEnd":1284.0999994277954,"responseStart":1284.0999994277954,"secureConnectionStart":1039.7999992370605},{"duration":206.5,"initiatorType":"link","name":"https://jira.mariadb.org/s/d5715adaadd168a9002b108b2b039b50-CDN/lu2cib/820016/12ta74/be4b45e9cec53099498fa61c8b7acba4/_/download/contextbatch/css/jira.project.sidebar,-_super,-project.issue.navigator,-jira.general,-jira.browse.project,-jira.view.issue,-jira.global,-atl.general,-com.atlassian.jira.projects.sidebar.init/batch.css?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&slack-enabled=true","startTime":1299.8999996185303,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":1299.8999996185303,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":1506.3999996185303,"responseStart":0,"secureConnectionStart":0},{"duration":206.4000005722046,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2cib/820016/12ta74/e65b778d185daf5aee24936755b43da6/_/download/contextbatch/js/browser-metrics-plugin.contrib,-_super,-project.issue.navigator,-jira.view.issue,-atl.general/batch.js?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&slack-enabled=true","startTime":1300.7999992370605,"connectEnd":1300.7999992370605,"connectStart":1300.7999992370605,"domainLookupEnd":1300.7999992370605,"domainLookupStart":1300.7999992370605,"fetchStart":1300.7999992370605,"redirectEnd":0,"redirectStart":0,"requestStart":1300.7999992370605,"responseEnd":1507.1999998092651,"responseStart":1507.1999998092651,"secureConnectionStart":1300.7999992370605},{"duration":218.89999961853027,"initiatorType":"script","name":"https://jira.mariadb.org/s/097ae97cb8fbec7d6ea4bbb1f26955b9-CDN/lu2cib/820016/12ta74/be4b45e9cec53099498fa61c8b7acba4/_/download/contextbatch/js/jira.project.sidebar,-_super,-project.issue.navigator,-jira.general,-jira.browse.project,-jira.view.issue,-jira.global,-atl.general,-com.atlassian.jira.projects.sidebar.init/batch.js?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&locale=en&slack-enabled=true","startTime":1301.1999998092651,"connectEnd":1301.1999998092651,"connectStart":1301.1999998092651,"domainLookupEnd":1301.1999998092651,"domainLookupStart":1301.1999998092651,"fetchStart":1301.1999998092651,"redirectEnd":0,"redirectStart":0,"requestStart":1301.1999998092651,"responseEnd":1520.0999994277954,"responseStart":1520.0999994277954,"secureConnectionStart":1301.1999998092651},{"duration":198.4000005722046,"initiatorType":"script","name":"https://www.google-analytics.com/analytics.js","startTime":1338.5999994277954,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":1338.5999994277954,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":1537,"responseStart":0,"secureConnectionStart":0}],"fetchStart":0,"domainLookupStart":0,"domainLookupEnd":0,"connectStart":0,"connectEnd":0,"requestStart":431,"responseStart":658,"responseEnd":662,"domLoading":661,"domInteractive":1583,"domContentLoadedEventStart":1583,"domContentLoadedEventEnd":1633,"domComplete":1785,"loadEventStart":1785,"loadEventEnd":1785,"userAgent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)","marks":[{"name":"bigPipe.sidebar-id.start","time":1512.5999994277954},{"name":"bigPipe.sidebar-id.end","time":1513.5},{"name":"bigPipe.activity-panel-pipe-id.start","time":1513.5999994277954},{"name":"bigPipe.activity-panel-pipe-id.end","time":1519.0999994277954},{"name":"activityTabFullyLoaded","time":1658.2999992370605}],"measures":[],"correlationId":"459350e64777bb","effectiveType":"4g","downlink":9.3,"rtt":0,"serverDuration":158,"dbReadsTimeInMs":26,"dbConnsTimeInMs":35,"applicationHash":"9d11dbea5f4be3d4cc21f03a88dd11d8c8687422","experiments":[]}}
Bug
Critical
MDEV-14443 DENY clause for access control a.k.a. "negative grants"
