author | Oleksandr Byelkin <sanja@mariadb.com> | 2020-04-28 09:16:33 +0200 |
---|---|---|
committer | Oleksandr Byelkin <sanja@mariadb.com> | 2020-04-28 09:16:33 +0200 |
commit | d08860b28f3645bb59275941e56d63bef7ea3e05 (patch) | |
tree | a456998d5d4e031d3176b7b9bea5740fe5377adb /sql/sql_parse.cc | |
parent | ac2604f923f5bd81920c5edd2c572a88778026dc (diff) | |
download | mariadb-git-bb-5.5-MDEV-22374.tar.gz |
MDEV-22374: VIEW with security definer require FILE privilege from definer not invoker in case of INTO OUTFILEbb-5.5-MDEV-22374
Check INTO OUTFILE clause always from invoker.
Diffstat (limited to 'sql/sql_parse.cc')
-rw-r--r-- | sql/sql_parse.cc | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index ae5a6b4cd35..515990c879f 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -2206,15 +2206,15 @@ mysql_execute_command(THD *thd)
 lex->exchange != NULL implies SELECT .. INTO OUTFILE and this requires FILE_ACL access. */
- ulong privileges_requested= lex->exchange ? SELECT_ACL | FILE_ACL :
- SELECT_ACL;
-
- if (all_tables)
- res= check_table_access(thd,
- privileges_requested,
- all_tables, FALSE, UINT_MAX, FALSE);
- else
- res= check_access(thd, privileges_requested, any_db, NULL, NULL, 0, 0);
+ if (lex->exchange)
+ res= check_access(thd, FILE_ACL, any_db, NULL, NULL, 0, 0);
+ if (!res)
+ {
+ if (all_tables)
+ res= check_table_access(thd, SELECT_ACL, all_tables, FALSE, UINT_MAX, FALSE);
+ else
+ res= check_access(thd, SELECT_ACL, any_db, NULL, NULL, 0, 0);
+ }
 if (res) break; |
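Review bot: The retained comment above `if (lex->exchange)` still says only that INTO OUTFILE requires FILE_ACL, so nothing at the call site records why FILE_ACL is now checked on its own through `check_access()` instead of being passed to `check_table_access()` together with SELECT_ACL. Going by the commit message, the combined check let a SQL SECURITY DEFINER view have FILE evaluated against the definer; a comment such as `/* FILE_ACL is a global privilege of the invoker: check it with check_access() and never fold it into check_table_access(), which may evaluate view tables in the definer's context */` would keep a later cleanup from merging the two checks again. Separately, `if (!res)` reads `res` when `lex->exchange` is NULL, so the block relies on `res` being zero on entry; that initialization is outside the hunk, and `res= lex->exchange ? check_access(thd, FILE_ACL, any_db, NULL, NULL, 0, 0) : 0;` would make the block self-contained. The enclosing case of mysql_execute_command starts and ends outside the hunk.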