List:Commits« Previous MessageNext Message »
From:Martin Hansson Date:January 1 1970 12:00am
Subject:bzr commit into mysql-6.0-bugteam tree (mhansson:2656) Bug#36086
View as plain text  
#At file:///data0/martin/bzr/6.0bt-bug36086/

------------------------------------------------------------
revno: 2656
revision-id: mhansson@stripped
parent: kpettersson@stripped
committer: Martin Hansson <mhansson@stripped>
branch nick: 6.0bt-bug36086
timestamp: Tue 2008-05-27 14:10:58 +0200
message:
  Bug#36086: SELECT * from views don't check column grants
  
  A "SELECT *" against an ALGORITHM=TEMPTABLE wrongfully treated 
  a view as an anonymous derived table, i.e. access checking
  was skipped. Fixed by introducing a predicate to tell the difference
  between named and anonymous derived tables.
modified:
  mysql-test/r/view_grant.result sp1f-view_grant.result-20050404194355-hbbr5ud3thpo5tn65q6eyecswq5mdhwk
  mysql-test/t/view_grant.test   sp1f-view_grant.test-20050404194355-y5ik7soywcms7xriyzo72dooviahc7cx
  sql/sql_acl.cc                 sp1f-sql_acl.cc-19700101030959-c4hku3uqxzujthqnndeprbrhamqy6a4i
  sql/sql_derived.cc             sp1f-sql_derived.cc-20020326130604-4qz6ovo2xa6w5eslbmcx76agmnyyvsfh
  sql/table.h                    sp1f-table.h-19700101030959-dv72bajftxj5fbdjuajquappanuv2ija
per-file comments:
  mysql-test/r/view_grant.result
    Bug36086: Test result
  mysql-test/t/view_grant.test
    Bug36086: Test case
  sql/sql_acl.cc
    Bug#36086: Updated comment. This function was previously
    not called for views.
  sql/sql_derived.cc
    Bug#36086: 
    - changed comment to Doxygen standard and added content.
    - The fix. A view is implemented as a named derived table 
    (or projected onto a temporary table) and it should not 
    automatically be assumed that the user has fulfilled the 
    SELECT privileges. However, for anonymous derived tables 
    no privileges are required.
  sql/table.h
    Bug#36086: 
        
    - Commented the GRANT_INFO structure and members.
    - Added predicate to be able to explicitly tell when a
      TABLE_LIST represents an anonymous derived table in the 
      from clause. Currently, this is the only case that
      mysql_derived_prepare must handle.

Attachment: [text/text/x-diff] patch-2656.diff
Thread
bzr commit into mysql-6.0-bugteam tree (mhansson:2656) Bug#36086Martin Hansson27 May