    Bug#29908: A user can gain additional access through the ALTER VIEW. · 1cb6dc2b
    unknown authored
    Non-definer of a view was allowed to alter that view. Due to this the alterer
    can elevate his access rights to access rights of the view definer and thus
    modify data which he wasn't allowed to modify. A view defined with
    SQL SECURITY INVOKER can't be used directly for access rights elevation.
    But a user can first alter the view SQL code and then alter the view to
    SQL SECURITY DEFINER and thus elevate his access rights. Due to this
    altering a view with SQL SECURITY INVOKER is also prohibited.
    
    Now the mysql_create_view function allows ALTER VIEW only to the view
    definer or a super user.
    
    
    mysql-test/t/view_grant.test:
      Added a test case for the bug#29908: A user can gain additional access through the
      ALTER VIEW.
      A test case was adjusted after fixing bug#29908.
    mysql-test/r/view_grant.result:
      Added a test case for the bug#29908: A user can gain additional access through the
      ALTER VIEW.
    sql/sql_view.cc:
      Bug#29908: A user can gain additional access through the ALTER VIEW.
      Now the mysql_create_view function allows ALTER VIEW only to the view
      definer or a super user.
view_grant.test 31.9 KB
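As an added illustration, not MySQL's code and not part of this commit, the following Python model replays the access-rights semantics the message describes: a DEFINER view runs with the definer's rights, an INVOKER view with the caller's, and the fix restricts ALTER VIEW to the view definer or a SUPER user. The account names, table names and grants are constructed for the example.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Model only: the real check lives in mysql_create_view() in sql/sql_view.cc.

@dataclass
class View:
    name: str
    definer: str       # account that created the view
    security: str      # "DEFINER" or "INVOKER"
    base_table: str

@dataclass
class Server:
    # constructed sample: user -> set of tables the user may UPDATE
    update_grants: dict[str, set[str]]
    super_users: set[str] = field(default_factory=set)
    views: dict[str, View] = field(default_factory=dict)
    enforce_alter_check: bool = True   # False models the server before the fix

    def alter_view(self, actor: str, name: str, security: str) -> bool:
        """ALTER VIEW name ... SQL SECURITY security. Returns True if allowed."""
        view = self.views[name]
        # Bug#29908 fix: only the definer or a SUPER user may alter a view,
        # whether it is currently SQL SECURITY INVOKER or DEFINER.
        if (self.enforce_alter_check and actor != view.definer
                and actor not in self.super_users):
            return False
        view.security = security
        return True

    def can_update_through(self, actor: str, name: str) -> bool:
        """Does an UPDATE issued by actor through the view reach the base table?
        DEFINER views use the definer's grants, INVOKER views the caller's."""
        view = self.views[name]
        effective = view.definer if view.security == "DEFINER" else actor
        return view.base_table in self.update_grants.get(effective, set())

def escalation_blocked(enforce: bool) -> bool:
    """Scenario from the bug: 'alterer' has no UPDATE on t1; 'owner' defined v1
    on t1 with SQL SECURITY INVOKER. alterer switches v1 to DEFINER and tries to
    update t1 through it. Returns True if the update is still refused."""
    srv = Server(update_grants={"owner": {"t1"}, "alterer": set()},
                 enforce_alter_check=enforce)
    srv.views["v1"] = View("v1", "owner", "INVOKER", "t1")
    assert not srv.can_update_through("alterer", "v1")   # INVOKER: own rights only
    srv.alter_view("alterer", "v1", "DEFINER")           # the step the fix rejects
    return not srv.can_update_through("alterer", "v1")
```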