Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-6382

ANALYZE $stmt and security

    XMLWordPrintable

    Details

      Description

      (filing this based on discussion with Sanja)

      EXPLAIN has a special relationship with security. EXPLAIN over query with
      VIEWs will expose information about the structure of the VIEWs. Because of this, EXPLAIN checks SHOW_VIEW_ACL for every view it opens (code-wise, this is done in open_table)

      ANALYZE-statement produces EXPLAIN output, so it should require the same permissions. It needs to also require permissions that are needed for execution.

      See also: view_grant.test

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              psergey Sergei Petrunia
              Reporter:
              psergey Sergei Petrunia
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: