From: Date: June 8 2005 11:51am Subject: bk commit into 5.0 tree (gluh:1.1946) BUG#10708 List-Archive: http://lists.mysql.com/internals/25747 X-Bug: 10708 Message-Id: <200506080951.j589pxiF010203@eagle.intranet.mysql.r18.ru> Below is the list of changes that have just been committed into a local 5.0 repository of gluh. When gluh does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet 1.1946 05/06/08 14:51:53 gluh@stripped +3 -0 Bug#9683 INFORMATION_SCH: Creation of temporary table allowed in Information_schema DB Bug#9846 Inappropriate error displayed while dropping table from 'INFORMATION_SCHEMA' Bug#10734 Grant of privileges other than 'select' and 'create view' should fail on schema Bug#10708 SP's can use INFORMATION_SCHEMA as ROUTINE_SCHEMA cumulative fix for bugs above added privilege check for information schema db & tables sql/sql_parse.cc 1.452 05/06/08 14:50:54 gluh@stripped +21 -0 Bug#9683 INFORMATION_SCH: Creation of temporary table allowed in Information_schema DB Bug#9846 Inappropriate error displayed while dropping table from 'INFORMATION_SCHEMA' Bug#10734 Grant of privileges other than 'select' and 'create view' should fail on schema Bug#10708 SP's can use INFORMATION_SCHEMA as ROUTINE_SCHEMA mysql-test/t/information_schema.test 1.39 05/06/08 14:50:54 gluh@stripped +37 -1 Bug#9683 INFORMATION_SCH: Creation of temporary table allowed in Information_schema DB Bug#9846 Inappropriate error displayed while dropping table from 'INFORMATION_SCHEMA' Bug#10734 Grant of privileges other than 'select' and 'create view' should fail on schema Bug#10708 SP's can use INFORMATION_SCHEMA as ROUTINE_SCHEMA mysql-test/r/information_schema.result 1.56 05/06/08 14:50:54 gluh@stripped +23 -1 Bug#9683 INFORMATION_SCH: Creation of temporary table allowed in Information_schema DB Bug#9846 Inappropriate error displayed while dropping table from 'INFORMATION_SCHEMA' Bug#10734 Grant of privileges other than 'select' and 'create view' should fail on schema Bug#10708 SP's can use INFORMATION_SCHEMA as ROUTINE_SCHEMA # This is a BitKeeper patch. What follows are the unified diffs for the # set of deltas contained in the patch. The rest of the patch, the part # that BitKeeper cares about, is below these diffs. # User: gluh # Host: eagle.intranet.mysql.r18.ru # Root: /home/gluh/MySQL/Bugs/5.0.9846 --- 1.451/sql/sql_parse.cc Wed Jun 8 01:34:46 2005 +++ 1.452/sql/sql_parse.cc Wed Jun 8 14:50:54 2005 @@ -4745,6 +4745,7 @@ bool db_is_pattern= test(want_access & GRANT_ACL); #endif ulong dummy; + const char *db_name; DBUG_ENTER("check_access"); DBUG_PRINT("enter",("db: %s want_access: %lu master_access: %lu", db ? db : "", want_access, thd->master_access)); @@ -4762,6 +4763,17 @@ DBUG_RETURN(TRUE); /* purecov: tested */ } + db_name= db ? db : thd->db; + if ((want_access & ~(SELECT_ACL | EXTRA_ACL)) && + !my_strcasecmp(system_charset_info, db_name, + information_schema_name.str)) + { + if (!no_errors) + my_error(ER_DBACCESS_DENIED_ERROR, MYF(0), + thd->priv_user, thd->priv_host, db_name); + DBUG_RETURN(TRUE); + } + #ifdef NO_EMBEDDED_ACCESS_CHECKS DBUG_RETURN(0); #else @@ -4874,6 +4886,15 @@ TABLE_LIST *org_tables=tables; for (; tables; tables= tables->next_global) { + if (tables->schema_table && + (want_access & ~(SELECT_ACL | EXTRA_ACL))) + { + if (!no_errors) + my_error(ER_DBACCESS_DENIED_ERROR, MYF(0), + thd->priv_user, thd->priv_host, + information_schema_name.str); + return TRUE; + } if (tables->derived || tables->schema_table || tables->belong_to_view || (tables->table && (int)tables->table->s->tmp_table) || my_tz_check_n_skip_implicit_tables(&tables, --- 1.55/mysql-test/r/information_schema.result Tue Jun 7 11:30:59 2005 +++ 1.56/mysql-test/r/information_schema.result Wed Jun 8 14:50:54 2005 @@ -575,7 +575,7 @@ TABLE_PRIVILEGES TABLE_CONSTRAINTS create database information_schema; -ERROR HY000: Can't create database 'information_schema'; database exists +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' use information_schema; show full tables like "T%"; Tables_in_information_schema (T%) Table_type @@ -823,3 +823,25 @@ drop user user1@localhost, user2@localhost, user3@localhost, user4@localhost; use test; drop database mysqltest; +alter database information_schema; +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' +drop database information_schema; +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' +drop table information_schema.tables; +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' +alter table information_schema.tables; +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' +use information_schema; +create temporary table schemata(f1 char(10)); +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' +CREATE PROCEDURE p1 () +BEGIN +SELECT 'foo' FROM DUAL; +END | +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' +select ROUTINE_NAME from routines; +ROUTINE_NAME +grant all on information_schema.* to 'user1'@'localhost'; +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' +grant select on information_schema.* to 'user1'@'localhost'; +ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema' --- 1.38/mysql-test/t/information_schema.test Tue Jun 7 11:31:00 2005 +++ 1.39/mysql-test/t/information_schema.test Wed Jun 8 14:50:54 2005 @@ -326,7 +326,7 @@ where table_schema='information_schema' limit 2; show tables from information_schema like "T%"; ---error 1007 +--error 1044 create database information_schema; use information_schema; show full tables like "T%"; @@ -542,3 +542,39 @@ drop user user1@localhost, user2@localhost, user3@localhost, user4@localhost; use test; drop database mysqltest; + +# +# Bug #9846 Inappropriate error displayed while dropping table from 'INFORMATION_SCHEMA' +# +--error 1044 +alter database information_schema; +--error 1044 +drop database information_schema; +--error 1044 +drop table information_schema.tables; +--error 1044 +alter table information_schema.tables; +# +# Bug #9683 INFORMATION_SCH: Creation of temporary table allowed in Information_schema DB +# +use information_schema; +--error 1044 +create temporary table schemata(f1 char(10)); +# +# Bug #10708 SP's can use INFORMATION_SCHEMA as ROUTINE_SCHEMA +# +delimiter |; +--error 1044 +CREATE PROCEDURE p1 () +BEGIN + SELECT 'foo' FROM DUAL; +END | +delimiter ;| +select ROUTINE_NAME from routines; +# +# Bug #10734 Grant of privileges other than 'select' and 'create view' should fail on schema +# +--error 1044 +grant all on information_schema.* to 'user1'@'localhost'; +--error 1044 +grant select on information_schema.* to 'user1'@'localhost';