Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-8545

Security definer views don't work with engine's privilege checks

    XMLWordPrintable

    Details

      Description

      This is a follow-up for MDEV-7574.

      Different engines check user privileges for some reasons. For example, InnoDB and XtraDB often check PROCESS privilege in the I_S code.

      All these checks always use invoker's privileges, and don't respect SQL SECURITY DEFINER of views.

      We should extract the fix for MDEV-7574 from the CONNECT code and make it into an easy to use function that all plugins can use. And change plugins to use it.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              serg Sergei Golubchik
              Reporter:
              serg Sergei Golubchik
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: