database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

Fixed BUG#6030: Stored procedure has no appropriate DROP privilege.

Browse Source 
...and no ALTER privilege either.
  For now, only the definer and root can drop or alter an SP.


include/mysqld_error.h:
  New access denied error code when dropping/altering stored procedures.
include/sql_state.h:
  New access denied error code when dropping/altering stored procedures.
mysql-test/r/sp-error.result:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
mysql-test/r/sp-security.result:
  Added tests for access control on who's allowed to drop and alter SPs.
mysql-test/r/sp.result:
  Updated results. (Warning removed.)
mysql-test/t/sp-error.test:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
mysql-test/t/sp-security.test:
  Added tests for access control on who's allowed to drop and alter SPs.
sql/share/czech/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/danish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/dutch/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/english/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/estonian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/french/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/german/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/greek/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/hungarian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/italian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/japanese/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/korean/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/norwegian-ny/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/norwegian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/polish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/portuguese/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/romanian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/russian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/serbian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/slovak/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/spanish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/swedish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/ukrainian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/sql_parse.cc:
  Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer
  and root are allowed to do this.
sql/sql_yacc.yy:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
This commit is contained in:
unknown
2004-10-22 20:29:06 +02:00
parent 35588c9dd0
commit a50cd5c53d
32 changed files with 148 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
mysql-test/r/sp-error.result
View File

@ -115,14 +115,6 @@ foo: loop
set @x=2;
end loop bar|
ERROR 42000: End-label bar without match
create procedure foo(out x int)
begin
declare y int;
set x = y;
end|
Warnings:
Warning 1311 Referring to uninitialized variable y
drop procedure foo|
create procedure foo()
return 42|
ERROR 42000: RETURN is only allowed in a FUNCTION

11
mysql-test/r/sp-security.result
View File

@ -107,13 +107,20 @@ s1
0
2
2
alter procedure p modifies sql data;
drop procedure p;
alter procedure q modifies sql data;
ERROR 42000: Access denied; you are not the procedure/function definer of 'db2.q'
drop procedure q;
ERROR 42000: Access denied; you are not the procedure/function definer of 'db2.q'
use db2;
alter procedure q modifies sql data;
drop procedure q;
use test;
select type,db,name from mysql.proc;
type db name
FUNCTION db1_secret db
PROCEDURE db1_secret stamp
PROCEDURE db2 p
PROCEDURE db2 q
drop database db1_secret;
drop database db2;
select type,db,name from mysql.proc;

4
mysql-test/r/sp.result
View File

@ -1843,13 +1843,9 @@ begin
declare v char;
return v;
end|
Warnings:
Warning 1311 Referring to uninitialized variable v
select bug4487()|
bug4487()
NULL
Warnings:
Warning 1311 Referring to uninitialized variable v
drop function bug4487|
drop procedure if exists bug4941|
create procedure bug4941(out x int)

8
mysql-test/t/sp-error.test
View File

@ -156,14 +156,6 @@ foo: loop
set @x=2;
end loop bar|
# Referring to undef variable
create procedure foo(out x int)
begin
declare y int;
set x = y;
end|
drop procedure foo|
# RETURN in FUNCTION only
--error 1313
create procedure foo()

26
mysql-test/t/sp-security.test
View File

@ -180,8 +180,32 @@ use db2;
call q();
select * from t2;
# Clean up
#
# BUG#6030: Stored procedure has no appropriate DROP privilege
# (or ALTER for that matter)
# still connection con2user1 in db2
# This should work:
alter procedure p modifies sql data;
drop procedure p;
# This should NOT work
--error 1370
alter procedure q modifies sql data;
--error 1370
drop procedure q;
connection con1root;
use db2;
# But root always can
alter procedure q modifies sql data;
drop procedure q;
# Clean up
#Still connection con1root;
use test;
select type,db,name from mysql.proc;
drop database db1_secret;