Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-5998

MySQL Bug#11756966 - 48958: STORED PROCEDURES CAN BE LEVERAGED TO BYPASS DATABASE SECURITY

        Details

        • Type: Bug
        • Status: Closed
        • Priority: Critical
        • Resolution: Fixed
        • Affects Version/s: 10.0.10
        • Fix Version/s: 10.0.12
        • Component/s: None
        • Labels:
          None

          Description

          revno: 3257
committer: Jon Olav Hauglid <jon.hauglid@oracle.com>
branch nick: mysql-trunk-bug11756966
timestamp: Thu 2011-07-14 09:32:01 +0200
message:
  Bug#11756966 - 48958: STORED PROCEDURES CAN BE LEVERAGED TO BYPASS
                 DATABASE SECURITY

  The problem was that CREATE PROCEDURE/FUCTION could be used to
  check the existence of databases for which the user had no
  privileges and therefore should not be allowed to see.

  The reason was that existence of a given database was checked
  before privileges. So trying to create a stored routine in
  a non-existent database would give a different error than trying
  to create a stored routine in a restricted database.

  This patch fixes the problem by changing the order of the checks
  for CREATE PROCEDURE/FUNCTION so that privileges are checked first.
  This means that trying to create a stored routine in a
  non-existent database and in a restricted database both will
  give ER_DBACCESS_DENIED_ERROR error.

  Test case added to grant.test.

            Gliffy Diagrams

              Attachments

                Issue Links

                is part of

                Task - A task that needs to be done. MDEV-4784 merge test cases from 5.6

                • Minor - Minor loss of function, or other problem where easy workaround is present.
                • Stalled

                  Activity

                  There are no comments yet on this issue.

                    People

                    • Assignee:
                      serg Sergei Golubchik
                      Reporter:
                      svoj Sergey Vojtovich
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      1 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved:

                        Time Tracking

                        Estimated:
                        Original Estimate - Not Specified
                        Not Specified
                        Remaining:
                        Remaining Estimate - 0 minutes
                        0m
                        Logged:
                        Time Spent - 20 minutes
                        20m