From 0659b857e7fe232ebfe7f48c5e0affd59dbf5862 Mon Sep 17 00:00:00 2001 From: Kristofer Pettersson Date: Mon, 19 Oct 2009 14:58:13 +0200 Subject: Bug#27145 EXTRA_ACL troubles The flag EXTRA_ACL is used in conjugation with our access checks, yet it is not clear what impact this flag has. This is a code clean up which replaces use of EXTRA_ACL with an explicit function parameter. The patch also fixes privilege checks for: - SHOW CREATE TABLE: The new privilege requirement is any privilege on the table-level. - CHECKSUM TABLE: Requires SELECT on the table level. - SHOW CREATE VIEW: Requires SHOW_VIEW and SELECT on the table level (just as the manual claims) - SHOW INDEX: Requires any privilege on any column combination. mysql-test/r/grant.result: * Error message now shows correct command (SHOW instead of SELECT) mysql-test/r/grant2.result: * Error message now shows correct command (SHOW instead of SELECT) mysql-test/r/grant4.result: * This test file tests privilege requirements for SHOW COLUMNS CREATE TABLE .. LIKE SHOW CREATE TABLE SHOW INDEX CHECKSUM TABLE SHOW CREATE VIEW mysql-test/r/information_schema_db.result: * Added SELECT privilege to testdb_2 as SHOW CREATE VIEW now demands this privilege as well as SHOW VIEW. mysql-test/r/outfile.result: * Changed error code mysql-test/r/view_grant.result: * Additional SELECT privilege is now needed for SHOW CREATE VIEW mysql-test/t/grant4.test: * This test file tests privilege requirements for SHOW COLUMNS CREATE TABLE .. LIKE SHOW CREATE TABLE SHOW INDEX CHECKSUM TABLE SHOW CREATE VIEW mysql-test/t/information_schema_db.test: * Added SELECT privilege to testdb_2 as SHOW CREATE VIEW now demands this privilege as well as SHOW VIEW. mysql-test/t/outfile.test: * Changed error code mysql-test/t/view_grant.test: * Additional SELECT privilege is now needed for SHOW CREATE VIEW sql/mysql_priv.h: * Replaced EXTRA_ACL with a parameter sql/sp_head.cc: * Replaced EXTRA_ACL with a parameter sql/sql_acl.cc: * Converted function documentation to doxygen and clarified some behaviors. * Changed value from uint to bool to better reflect its meaning. * Removed pointless variable orig_want_access * Added function has_any_table_level_privileges to help with requirements checks during SHOW CREATE TABLE. sql/sql_acl.h: * changed signature of check_grant() * introduced access control function has_any_table_leevl_privileges() sql/sql_base.cc: * Check_table_access has new signature sql/sql_cache.cc: * Check_table_access has new signature sql/sql_parse.cc: * Rewrote function documentation in doxygen comments for: check_access, check_table_acces, check_grant. * Removed EXTRA_ACL flag where it doesn't hold any meaningful purpose anymore and replaced it with a function parameter where any privileges on any column combination would satisfy the requirement. * Fixed privilege check for SHOW COLUMNS and SHOW INDEX * Modified check_table_access to gain clarity in what EXTRA_ACL actually does. * Modified check_access to gain clarity in what EXTRA_ACL actually does. * Fixed privilege check for CREATE TABLE .. LIKE .. ; It now requires SELECT privileges on the table. * Fixed privilege check for SHOW CREATE TABLE ..; It now requires any privilege on the table level. sql/sql_plugin.cc: * check_table_access has new signature sql/sql_prepare.cc: * check_table_access has new signature sql/sql_show.cc: * check_table_access has new signature sql/sql_trigger.cc: * check_table_access has new signature sql/sql_update.cc: * check grant has new signature sql/sql_view.cc: * check_table_access has new signature --- sql/sql_show.cc | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'sql/sql_show.cc') diff --git a/sql/sql_show.cc b/sql/sql_show.cc index b16f050dea6..9a04ca7766a 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -560,7 +560,7 @@ find_files(THD *thd, List *files, const char *db, table_list.table_name= uname; table_list.table_name_length= file_name_len; table_list.grant.privilege=col_access; - if (check_grant(thd, TABLE_ACLS, &table_list, 1, 1, 1)) + if (check_grant(thd, TABLE_ACLS, &table_list, TRUE, 1, TRUE)) continue; } #endif @@ -3745,8 +3745,9 @@ static int get_schema_column_record(THD *thd, TABLE_LIST *tables, #ifndef NO_EMBEDDED_ACCESS_CHECKS uint col_access; - check_access(thd,SELECT_ACL | EXTRA_ACL, db_name->str, - &tables->grant.privilege, 0, 0, test(tables->schema_table)); + check_access(thd,SELECT_ACL, db_name->str, + &tables->grant.privilege, FALSE, FALSE, + test(tables->schema_table)); col_access= get_column_grant(thd, &tables->grant, db_name->str, table_name->str, field->field_name) & COL_ACLS; @@ -4174,7 +4175,8 @@ int fill_schema_proc(THD *thd, TABLE_LIST *tables, COND *cond) proc_tables.table_name= proc_tables.alias= (char*) "proc"; proc_tables.table_name_length= 4; proc_tables.lock_type= TL_READ; - full_access= !check_table_access(thd, SELECT_ACL, &proc_tables, 1, TRUE); + full_access= !check_table_access(thd, SELECT_ACL, &proc_tables, FALSE, + 1, TRUE); if (!(proc_table= open_proc_table_for_read(thd, &open_tables_state_backup))) { DBUG_RETURN(1); @@ -4583,7 +4585,7 @@ static int get_schema_triggers_record(THD *thd, TABLE_LIST *tables, Table_triggers_list *triggers= tables->table->triggers; int event, timing; - if (check_table_access(thd, TRIGGER_ACL, tables, 1, TRUE)) + if (check_table_access(thd, TRIGGER_ACL, tables, FALSE, 1, TRUE)) goto ret; for (event= 0; event < (int)TRG_EVENT_MAX; event++) @@ -7044,7 +7046,7 @@ bool show_create_trigger(THD *thd, const sp_name *trg_name) if (!lst) return TRUE; - if (check_table_access(thd, TRIGGER_ACL, lst, 1, TRUE)) + if (check_table_access(thd, TRIGGER_ACL, lst, FALSE, 1, TRUE)) { my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), "TRIGGER"); return TRUE; -- cgit v1.2.1