Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.0.10
-
None
-
None
Description
revno: 3257
|
committer: Jon Olav Hauglid <jon.hauglid@oracle.com>
|
branch nick: mysql-trunk-bug11756966
|
timestamp: Thu 2011-07-14 09:32:01 +0200
|
message:
|
Bug#11756966 - 48958: STORED PROCEDURES CAN BE LEVERAGED TO BYPASS
|
DATABASE SECURITY
|
|
|
The problem was that CREATE PROCEDURE/FUCTION could be used to
|
check the existence of databases for which the user had no
|
privileges and therefore should not be allowed to see.
|
|
|
The reason was that existence of a given database was checked
|
before privileges. So trying to create a stored routine in
|
a non-existent database would give a different error than trying
|
to create a stored routine in a restricted database.
|
|
|
This patch fixes the problem by changing the order of the checks
|
for CREATE PROCEDURE/FUNCTION so that privileges are checked first.
|
This means that trying to create a stored routine in a
|
non-existent database and in a restricted database both will
|
give ER_DBACCESS_DENIED_ERROR error.
|
|
|
Test case added to grant.test.
|
Attachments
Issue Links
- is part of
-
MDEV-4784 merge test cases from 5.6
-
- Stalled
-