Skip to content

M
mariadb
Switch branch/tag
Find file Normal viewHistoryPermalink
sp-security.result 1.35 KB
Newer Older
pem@mysql.comhem.se's avatar
WL#1365: Implement definer's rights execution of stored procedures.  
pem@mysql.comhem.se committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 
use test;
grant usage on *.* to dummy@localhost;
drop database if exists db1_secret;
create database db1_secret;
use db1_secret;
create table t1 ( u varchar(64), i int );
create procedure stamp(i int)
insert into db1_secret.t1 values (user(), i);
show procedure status like 'stamp';
Name	Type	Definer	Modified	Created	Security_type	Comment
stamp	PROCEDURE	root@localhost	0000-00-00 00:00:00	0000-00-00 00:00:00	DEFINER	
call stamp(1);
select * from t1;
u	i
root@localhost	1
call stamp(2);
select * from db1_secret.t1;
ERROR 42000: Access denied for user: 'dummy'@'localhost' to database 'db1_secret'
call stamp(3);
select * from db1_secret.t1;
ERROR 42000: Access denied for user: ''@'localhost' to database 'db1_secret'
select * from t1;
u	i
root@localhost	1
dummy@localhost	2
anon@localhost	3
alter procedure stamp sql security invoker;
show procedure status like 'stamp';
Name	Type	Definer	Modified	Created	Security_type	Comment
stamp	PROCEDURE	root@localhost	0000-00-00 00:00:00	0000-00-00 00:00:00	INVOKER	
call stamp(4);
select * from t1;
u	i
root@localhost	1
dummy@localhost	2
anon@localhost	3
root@localhost	4
call stamp(5);
ERROR 42000: Access denied for user: 'dummy'@'localhost' to database 'db1_secret'
call stamp(6);
ERROR 42000: Access denied for user: ''@'localhost' to database 'db1_secret'
use test;
drop database db1_secret;
delete from mysql.user where user='dummy';
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7