Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.5, 10.6, 10.3(EOL), 10.4(EOL), 10.7(EOL), 10.8(EOL), 10.9(EOL)
-
None
Description
create procedure p1 () select 1; |
create role r1, r2; |
grant r1 to r2; |
create user foo@localhost; |
grant r2 to foo@localhost; |
grant execute on procedure test.p1 to r1; |
#grant alter routine on procedure test.p1 to r2; |
connect foo,localhost,foo; |
set role r2; |
show grants;
|
call p1();
|
this test succeeds, call p1() is allowed. but if grant alter routine is uncommented, the test fails.
Attachments
Issue Links
- blocks
-
MDEV-14443 DENY clause for access control a.k.a. "negative grants"
- Stalled
- relates to
-
MDEV-29458 Role grant commands do not propagate all grants
- Closed