Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-8545

Security definer views don't work with engine's privilege checks

    XMLWordPrintable

Details

    Description

      This is a follow-up for MDEV-7574.

      Different engines check user privileges for some reasons. For example, InnoDB and XtraDB often check PROCESS privilege in the I_S code.

      All these checks always use invoker's privileges, and don't respect SQL SECURITY DEFINER of views.

      We should extract the fix for MDEV-7574 from the CONNECT code and make it into an easy to use function that all plugins can use. And change plugins to use it.

      Attachments

        Issue Links

          is part of

          Bug - A problem which impairs or prevents the functions of the product. MDEV-20549 SQL SECURITY DEFINER does not work for INFORMATION_SCHEMA tables

          • Major - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-7574 Security definer views don't work with CONNECT ODBC tables

          • Major - Major loss of function.
          • Closed

          Activity

            People

              serg Sergei Golubchik
              serg Sergei Golubchik
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.