• unknown's avatar
    Bug#17254: Error for DEFINER security on VIEW provides too much info · af1b3da5
    unknown authored
    If a view was created with the DEFINER security and later the definer user
    was dropped then a SELECT from the view throws the error message saying that
    there is no definer user is registered. This is ok for a root but too much
    for a mere user.
    
    Now the st_table_list::prepare_view_securety_context() function reveals
    the absence of the definer only to a superuser and throws the 'access denied'
    error to others.
    
    
    mysql-test/t/view_grant.test:
      Added a test case for bug#17254: Error for DEFINER security on VIEW provides too much info
    mysql-test/r/view_grant.result:
      Added a test case for bug#17254: Error for DEFINER security on VIEW provides too much info
    sql/table.cc:
      Bug#17254: Error for DEFINER security on VIEW provides too much info
      Now the st_table_list::prepare_view_securety_context() function reveals
      the absence of the definer only to a superuser and throws the 'access denied'
      error to others.
    af1b3da5
view_grant.test 25.4 KB