mariadb

database/mariadb

Fork 0

mirror of https://github.com/MariaDB/server.git synced 2025-07-08 17:02:21 +03:00

Commit Graph

Author	SHA1	Message	Date
unknown	857b59578c	Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.	2004-03-02 11:52:19 +01:00
unknown	241bb22699	Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server. Added missing cleanup in sp-security.test. mysql-test/r/sp-security.result: Added clean-up. mysql-test/t/sp-security.test: Added clean-up. sql/item_func.cc: Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server. sql/sp_head.cc: Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server. sql/sp_head.h: Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server. sql/sql_parse.cc: Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.	2003-12-16 14:15:27 +01:00
unknown	a6f85eeac1	WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.	2003-12-13 16:40:52 +01:00

Author

SHA1

Message

Date

unknown

857b59578c

Fixed BUG#2777: Stored procedure doesn't observe definer's rights.

SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights.


mysql-test/r/sp-security.result:
  Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights.
mysql-test/t/sp-security.test:
  Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights.
sql/sql_acl.cc:
  Clear rights before changing them in acl_getroot_no_password so that
  reduced rights work too, and take care of db acls as well.

2004-03-02 11:52:19 +01:00

unknown

241bb22699

Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.

Added missing cleanup in sp-security.test.


mysql-test/r/sp-security.result:
  Added clean-up.
mysql-test/t/sp-security.test:
  Added clean-up.
sql/item_func.cc:
  Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.
sql/sp_head.cc:
  Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.
sql/sp_head.h:
  Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.
sql/sql_parse.cc:
  Forgot to wrap things in #ifndef NO_EMBEDDED_ACCESS_CHECKS for the embedded server.

2003-12-16 14:15:27 +01:00

unknown

a6f85eeac1

WL#1365: Implement definer's rights execution of stored procedures.

(Also put the hostpart back in the definer column.)


mysql-test/r/sp-error.result:
  Moved error test from sp.test
mysql-test/r/sp.result:
  Moved error test to sp-error.test.
  Put hostpart back into definer column in mysql.proc.
mysql-test/t/sp-error.test:
  Moved error test from sp.test
mysql-test/t/sp.test:
  Moved error test to sp-error.test.
  Put hostpart back into definer column in mysql.proc.
sql/item_func.cc:
  (Maybe) switch security context before invoking a stored function.
sql/sp.cc:
  Renamed creator into definer, for more consistent terminology, and put the
  hostpart back.
sql/sp_head.cc:
  Some fixes in the way things are allocated, and moved set_info() definition
  here from sp_head.h. creator is now called definer, and is split into a
  user and host part.
  Added functions for (possible) change and restore of privileges, for sql security
  definer calls.
sql/sp_head.h:
  Moved set_info() definition here from sp_head.h.
  creator is now called definer, and is split into a user and host part.
  Added functions for (possible) change and restore of privileges, for sql security
  definer calls.
sql/sql_acl.cc:
  New function acl_getroot_no_password() for getting the privileges used when
  calling an SP with sql security definer.
sql/sql_acl.h:
  New function acl_getroot_no_password() for getting the privileges used when
  calling an SP with sql security definer.
sql/sql_parse.cc:
  (Maybe) switch security context before invoking a stored procedure.
sql/sql_yacc.yy:
  Fixed typo.

2003-12-13 16:40:52 +01:00

1 2

53 Commits