Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-6382

ANALYZE $stmt and security

    XMLWordPrintable

Details

    Description

      (filing this based on discussion with Sanja)

      EXPLAIN has a special relationship with security. EXPLAIN over query with
      VIEWs will expose information about the structure of the VIEWs. Because of this, EXPLAIN checks SHOW_VIEW_ACL for every view it opens (code-wise, this is done in open_table)

      ANALYZE-statement produces EXPLAIN output, so it should require the same permissions. It needs to also require permissions that are needed for execution.

      See also: view_grant.test

      Attachments

        1. mdev6382_after.test
          167 kB
          Elena Stepanova
        2. mdev6382_before.test
          186 kB
          Elena Stepanova

        Issue Links

          Activity

            People

              psergei Sergei Petrunia
              psergei Sergei Petrunia
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.