-
unknown authored
Non-definer of a view was allowed to alter that view. Due to this the alterer can elevate his access rights to access rights of the view definer and thus modify data which he wasn't allowed to modify. A view defined with SQL SECURITY INVOKER can't be used directly for access rights elevation. But a user can first alter the view SQL code and then alter the view to SQL SECURITY DEFINER and thus elevate his access rights. Due to this altering a view with SQL SECURITY INVOKER is also prohibited. Now the mysql_create_view function allows ALTER VIEW only to the view definer or a super user. mysql-test/t/view_grant.test: Added a test case for the bug#29908: A user can gain additional access through the ALTER VIEW. A test case was adjusted after fixfing bug#29908. mysql-test/r/view_grant.result: Added a test case for the bug#29908: A user can gain additional access through the ALTER VIEW. sql/sql_view.cc: Bug#29908: A user can gain additional access through the ALTER VIEW. Now the mysql_create_view function allows ALTER VIEW only to the view definer or a super user.
1cb6dc2b