#At file:///data0/martin/bzr/6.0bt-bug36086/
------------------------------------------------------------
revno: 2656
revision-id: mhansson@stripped
parent: kpettersson@stripped
committer: Martin Hansson <mhansson@stripped>
branch nick: 6.0bt-bug36086
timestamp: Mon 2008-05-26 20:52:43 +0200
message:
Bug#36086: SELECT * from views don't check column grants
A "SELECT *" against an ALGORITHM=TEMPTABLE wrongfully treated
a view as an anonymous derived table, i.e. access checking
was skipped. Fixed by introducing a predicate to tell the difference
between named and anonymous derived tables.
modified:
mysql-test/r/view_grant.result sp1f-view_grant.result-20050404194355-hbbr5ud3thpo5tn65q6eyecswq5mdhwk
mysql-test/t/view_grant.test sp1f-view_grant.test-20050404194355-y5ik7soywcms7xriyzo72dooviahc7cx
sql/sql_acl.cc sp1f-sql_acl.cc-19700101030959-c4hku3uqxzujthqnndeprbrhamqy6a4i
sql/sql_derived.cc sp1f-sql_derived.cc-20020326130604-4qz6ovo2xa6w5eslbmcx76agmnyyvsfh
sql/table.h sp1f-table.h-19700101030959-dv72bajftxj5fbdjuajquappanuv2ija
per-file comments:
mysql-test/r/view_grant.result
Bug36086: Test result
mysql-test/t/view_grant.test
Bug36086: Test case
sql/sql_acl.cc
Bug#36086: Updated comment. This function was previously
not called for views.
sql/sql_derived.cc
Bug#36086:
- changed comment to Doxygen standard and added content.
- The fix. A view is implemented as a named derived table
(or projected onto a temporary table) and it should not
automatically be assumed that the user has fulfilled the
SELECT privileges. However, for anonymous derived tables
no privileges are required.
sql/table.h
Bug#36086:
- Commented the GRANT_INFO structure and members.
- Added predicate to be able to explicitly tell when a
TABLE_LIST represents an anonymous derived table in the
from clause. Currently, this is the only case that
mysql_derived_prepare must handle.
Attachment: [text/text/x-diff] patch-2656.diff
| Thread |
|---|
| • bzr commit into mysql-6.0-bugteam tree (mhansson:2656) Bug#36086 | Martin Hansson | 26 May |
