Commit 79fbd665 authored by unknown's avatar unknown

Bug#17279 user with no global privs and with create priv in db can create databases

 - Use binary charset in acl_cache, to make searches case sensitive
 - Add testcase 


mysql-test/r/grant2.result:
  Update test result
mysql-test/t/grant2.test:
  Add test case for bug#17279, checking that user with access to TESTDB can't create TEStdb
sql/sql_acl.cc:
  Use binary charset for the acl_cache to make the hash lookups case sensitive.
  Thus denying user with access to "TESTDB" access to "TEStdb"
parent 85e54a08
......@@ -334,3 +334,25 @@ lock table mysql.user write;
revoke all on *.* from 'mysqltest_1'@'localhost';
unlock tables;
drop user 'mysqltest_1'@'localhost';
create database TESTDB;
create table t2(a int);
create temporary table t1 as select * from mysql.user;
delete from mysql.user where host='localhost';
INSERT INTO mysql.user VALUES
('%','mysqltest_1',password('password'),'N','N','N','N','N','N',
'N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N',
'','','','',0,0,0,0);
INSERT INTO mysql.db VALUES
('%','TESTDB','mysqltest_1','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','N','Y','Y','Y','
Y','N');
Warnings:
Warning 1265 Data truncated for column 'Alter_routine_priv' at row 1
FLUSH PRIVILEGES;
create database TEStdb;
ERROR 42000: Access denied for user 'mysqltest_1'@'%' to database 'TEStdb'
delete from mysql.user;
delete from mysql.db where host='%' and user='mysqltest_1' and db='TESTDB';
insert into mysql.user select * from t1;
drop table t1, t2;
drop database TESTDB;
flush privileges;
......@@ -429,3 +429,38 @@ disconnect con2root;
disconnect con3root;
# End of 4.1 tests
#
# Bug#17279 user with no global privs and with create
# priv in db can create databases
#
create database TESTDB;
create table t2(a int);
create temporary table t1 as select * from mysql.user;
delete from mysql.user where host='localhost';
INSERT INTO mysql.user VALUES
('%','mysqltest_1',password('password'),'N','N','N','N','N','N',
'N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N',
'','','','',0,0,0,0);
INSERT INTO mysql.db VALUES
('%','TESTDB','mysqltest_1','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','N','Y','Y','Y','
Y','N');
FLUSH PRIVILEGES;
connect (con1,localhost,mysqltest_1,password,TESTDB);
# The user mysqltest_1 should only be allowed access to
# database TESTDB, not TEStdb
--error 1044
create database TEStdb;
# Clean-up
connection default;
delete from mysql.user;
delete from mysql.db where host='%' and user='mysqltest_1' and db='TESTDB';
insert into mysql.user select * from t1;
drop table t1, t2;
drop database TESTDB;
flush privileges;
......@@ -148,7 +148,9 @@ my_bool acl_init(bool dont_read_acl_tables)
acl_cache= new hash_filo(ACL_CACHE_SIZE, 0, 0,
(hash_get_key) acl_entry_get_key,
(hash_free_key) free, system_charset_info);
(hash_free_key) free,
/* Use the case sensitive "binary" charset */
&my_charset_bin);
if (dont_read_acl_tables)
{
DBUG_RETURN(0); /* purecov: tested */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment