Bug #17139: Partitions: unprivileged user can effectively drop table

Now the DROP privilege is also required on a table in order to be able to drop a partition from the table using ALTER TABLE. sql/sql_parse.cc: Require DROP privilege in addition to ALTER for dropping a partition mysql-test/r/partition_grant.result: New BitKeeper file ``mysql-test/r/partition_grant.result'' mysql-test/t/partition_grant.test: New BitKeeper file ``mysql-test/t/partition_grant.test''
2025-12-24 11:21:21 +03:00 · 2006-03-07 12:42:23 -08:00
parent 29c66eea27
commit 870157e9fe
3 changed files with 81 additions and 2 deletions
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -2975,6 +2975,11 @@ end_with_restore_list:
 #else
    {
      ulong priv=0;
+      ulong priv_needed= ALTER_ACL;
+      /* We also require DROP priv for ALTER TABLE ... DROP PARTITION */
+      if (lex->alter_info.flags & ALTER_DROP_PARTITION)
+        priv_needed|= DROP_ACL;
+
      if (lex->name && (!lex->name[0] || strlen(lex->name) > NAME_LEN))
      {
 	my_error(ER_WRONG_TABLE_NAME, MYF(0), lex->name);
@@ -2999,7 +3004,7 @@ end_with_restore_list:
        else
          select_lex->db= first_table->db;
      }
-      if (check_access(thd, ALTER_ACL, first_table->db,
+      if (check_access(thd, priv_needed, first_table->db,
 		       &first_table->grant.privilege, 0, 0,
                       test(first_table->schema_table)) ||
 	  check_access(thd,INSERT_ACL | CREATE_ACL,select_lex->db,&priv,0,0,
@@ -3010,7 +3015,7 @@ end_with_restore_list:
 	goto error;				/* purecov: inspected */
      if (grant_option)
      {
-	if (check_grant(thd, ALTER_ACL, all_tables, 0, UINT_MAX, 0))
+	if (check_grant(thd, priv_needed, all_tables, 0, UINT_MAX, 0))
 	  goto error;
 	if (lex->name && !test_all_bits(priv,INSERT_ACL | CREATE_ACL))
 	{					// Rename of table