diff options
| author | Tatjana Azundris Nuernberg <tatjana.nuernberg@oracle.com> | 2011-10-06 10:55:57 +0100 |
|---|---|---|
| committer | Tatjana Azundris Nuernberg <tatjana.nuernberg@oracle.com> | 2011-10-06 10:55:57 +0100 |
| commit | 0581820455c9133b9bd29711b27852e82b86a8d9 (patch) | |
| tree | b928ad7b96968462d9d57bc9212776ff50b3d4a9 /sql/sql_view.cc | |
| parent | 55acdc8121d00a8d22244ed11a0dbca47b1e4260 (diff) | |
| parent | 7944320f4e76aabd7b73015d2569f8c26f045f2c (diff) | |
| download | mariadb-git-0581820455c9133b9bd29711b27852e82b86a8d9.tar.gz | |
manual merge to reconcile with MySQL ticket 27145
Diffstat (limited to 'sql/sql_view.cc')
| -rw-r--r-- | sql/sql_view.cc | 36 |
1 files changed, 33 insertions, 3 deletions
diff --git a/sql/sql_view.cc b/sql/sql_view.cc index 6051aa028c7..525d8b9cccc 100644 --- a/sql/sql_view.cc +++ b/sql/sql_view.cc @@ -1281,9 +1281,39 @@ bool mysql_make_view(THD *thd, File_parser *parser, TABLE_LIST *table, if (!table->prelocking_placeholder && (old_lex->sql_command == SQLCOM_SELECT && old_lex->describe)) { - if (check_table_access(thd, SELECT_ACL, view_tables, FALSE, - UINT_MAX, TRUE) && - check_table_access(thd, SHOW_VIEW_ACL, table, FALSE, UINT_MAX, TRUE)) + /* + The user we run EXPLAIN as (either the connected user who issued + the EXPLAIN statement, or the definer of a SUID stored routine + which contains the EXPLAIN) should have both SHOW_VIEW_ACL and + SELECT_ACL on the view being opened as well as on all underlying + views since EXPLAIN will disclose their structure. This user also + should have SELECT_ACL on all underlying tables of the view since + this EXPLAIN will disclose information about the number of rows in it. + + To perform this privilege check we create auxiliary TABLE_LIST object + for the view in order a) to avoid trashing "table->grant" member for + original table list element, which contents can be important at later + stage for column-level privilege checking b) get TABLE_LIST object + with "security_ctx" member set to 0, i.e. forcing check_table_access() + to use active user's security context. + + There is no need for creating similar copies of table list elements + for underlying tables since they are just have been constructed and + thus have TABLE_LIST::security_ctx == 0 and fresh TABLE_LIST::grant + member. + + Finally at this point making sure we have SHOW_VIEW_ACL on the views + will suffice as we implicitly require SELECT_ACL anyway. + */ + + TABLE_LIST view; + bzero((char *)&view, sizeof(TABLE_LIST)); + view.db= table->db; + view.table_name= table->table_name; + + if (check_table_access(thd, SELECT_ACL, view_tables, + FALSE, UINT_MAX, TRUE) || + check_table_access(thd, SHOW_VIEW_ACL, &view, FALSE, UINT_MAX, TRUE)) { my_message(ER_VIEW_NO_EXPLAIN, ER(ER_VIEW_NO_EXPLAIN), MYF(0)); goto err; |