  1. MariaDB Server
  2. MDEV-5998

MySQL Bug#11756966 - 48958: STORED PROCEDURES CAN BE LEVERAGED TO BYPASS DATABASE SECURITY

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 10.0.10
    • Fix Version/s: 10.0.12
    • Component/s: None
    • Labels:
      None

      Description

      revno: 3257
      committer: Jon Olav Hauglid <jon.hauglid@oracle.com>
      branch nick: mysql-trunk-bug11756966
      timestamp: Thu 2011-07-14 09:32:01 +0200
      message:
        Bug#11756966 - 48958: STORED PROCEDURES CAN BE LEVERAGED TO BYPASS
                       DATABASE SECURITY
      
        The problem was that CREATE PROCEDURE/FUNCTION could be used to
        check the existence of databases for which the user had no
        privileges and therefore should not be allowed to see.
      
        The reason was that existence of a given database was checked
        before privileges. So trying to create a stored routine in
        a non-existent database would give a different error than trying
        to create a stored routine in a restricted database.
      
        This patch fixes the problem by changing the order of the checks
        for CREATE PROCEDURE/FUNCTION so that privileges are checked first.
        This means that trying to create a stored routine in a
        non-existent database and in a restricted database both will
        give ER_DBACCESS_DENIED_ERROR error.
      
        Test case added to grant.test.
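
The check ordering described in the commit message, as an added example (a simplified C++ model written for this page, not MySQL or MariaDB server source). The `Server` type, the function names and the sample data are hypothetical, and the pre-fix error for a missing database is assumed to be `ER_BAD_DB_ERROR`; the commit message names only `ER_DBACCESS_DENIED_ERROR`.

```cpp
#include <set>
#include <string>
#include <utility>

// ER_BAD_DB_ERROR as the "unknown database" result is an assumption (see lead-in).
enum class Err { OK, ER_BAD_DB_ERROR, ER_DBACCESS_DENIED_ERROR };

struct Server {                                            // hypothetical model
    std::set<std::string> databases;                       // schemas that exist
    std::set<std::pair<std::string, std::string>> grants;  // (user, db) pairs allowed to create routines
    bool exists(const std::string& db) const { return databases.count(db) != 0; }
    bool allowed(const std::string& user, const std::string& db) const {
        return grants.count({user, db}) != 0;
    }
};

// Order before the fix: existence is tested first, so the error tells an
// unprivileged user whether the database exists.
Err create_routine_before(const Server& s, const std::string& user, const std::string& db) {
    if (!s.exists(db)) return Err::ER_BAD_DB_ERROR;
    if (!s.allowed(user, db)) return Err::ER_DBACCESS_DENIED_ERROR;
    return Err::OK;
}

// Order after the fix: privileges are tested first, so an unprivileged user
// gets the same error for existing and non-existent databases.
Err create_routine_after(const Server& s, const std::string& user, const std::string& db) {
    if (!s.allowed(user, db)) return Err::ER_DBACCESS_DENIED_ERROR;
    if (!s.exists(db)) return Err::ER_BAD_DB_ERROR;
    return Err::OK;
}

// Regression property: for a user with no grant on either name, the two
// responses must be identical, otherwise existence is disclosed.
template <typename Fn>
bool leaks_existence(Fn create, const Server& s, const std::string& user,
                     const std::string& existing_db, const std::string& missing_db) {
    return create(s, user, existing_db) != create(s, user, missing_db);
}

Server sample_server() {                                   // constructed sample data
    Server s;
    s.databases = {"app", "payroll"};
    s.grants = {{"alice", "app"}};
    return s;
}

int main() {
    Server s = sample_server();
    bool ok = leaks_existence(create_routine_before, s, "alice", "payroll", "nosuchdb") &&
              !leaks_existence(create_routine_after, s, "alice", "payroll", "nosuchdb");
    return ok ? 0 : 1;
}
```

The same property (identical response for an existing and a missing object when the caller lacks privileges) is what a regression test for this class of bug should assert.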
      


                People

                • Assignee:
                  serg Sergei Golubchik
                  Reporter:
                  svoj Sergey Vojtovich

                    Time Tracking

                    • Original Estimate: Not Specified
                    • Remaining Estimate: 0 minutes
                    • Time Spent: 20 minutes