[MDEV-8276] Information leakage in information_schema TokuDB_* tables - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Minor
Resolution: Won't Fix
Affects Version/s: 10.0.19, 5.5(EOL), 10.0(EOL), 10.1(EOL)
Fix Version/s: N/A
Component/s: Storage Engine - TokuDB
Labels:
- tokudb
- upstream
Environment:
Debian 7 64-bit

Description

In information_schema in TokuDB_* tables every basic user with access can view other TokuDB databases, tables, keys names and some other minor information of ALL other users in current MySQL instance (including where user have NO access).

I doubt that it's correct behaviour as other table types does not leak any information.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Alexander Loginov

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2015-06-06 09:16

Updated:: 2024-09-12 21:34

Resolved:: 2024-09-12 21:34

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.