mirror of
https://github.com/MariaDB/server.git
synced 2025-01-21 06:22:28 +01:00
0a1f7e921b
Implement table-level TRIGGER privilege to control access to triggers. Before this path global SUPER privilege was used for this purpose, that was the big security problem. In details, before this patch SUPER privilege was required: - for the user at CREATE TRIGGER time to create a new trigger; - for the user at DROP TRIGGER time to drop the existing trigger; - for the definer at trigger activation time to execute the trigger (if the definer loses SUPER privilege, all its triggers become unavailable); This patch changes the behaviour in the following way: - TRIGGER privilege on the subject table for trigger is required: - for the user at CREATE TRIGGER time to create a new trigger; - for the user at DROP TRIGGER time to drop the existing trigger; - for the definer at trigger activation time to execute the trigger (if the definer loses TRIGGER privilege on the subject table, all its triggers on this table become unavailable). - SUPER privilege is still required: - for the user at CREATE TRIGGER time to explicitly set the trigger definer to the user other than CURRENT_USER(). When the server works with database of the previous version (w/o TRIGGER privilege), or if the database is being upgraded from the previous versions, TRIGGER privilege is granted to whose users, who have CREATE privilege.
37 lines
2 KiB
Text
37 lines
2 KiB
Text
DELETE FROM mysql.user WHERE User LIKE 'mysqltest_%';
|
|
DELETE FROM mysql.db WHERE User LIKE 'mysqltest_%';
|
|
DELETE FROM mysql.tables_priv WHERE User LIKE 'mysqltest_%';
|
|
DELETE FROM mysql.columns_priv WHERE User LIKE 'mysqltest_%';
|
|
FLUSH PRIVILEGES;
|
|
DROP DATABASE IF EXISTS mysqltest_db1;
|
|
CREATE DATABASE mysqltest_db1;
|
|
CREATE USER mysqltest_dfn@localhost;
|
|
CREATE USER mysqltest_inv@localhost;
|
|
GRANT CREATE, TRIGGER ON mysqltest_db1.* TO mysqltest_dfn@localhost;
|
|
|
|
---> connection: wl2818_definer_con
|
|
CREATE TABLE t1(num_value INT);
|
|
CREATE TABLE t2(user_str TEXT);
|
|
CREATE TRIGGER wl2818_trg1 BEFORE INSERT ON t1
|
|
FOR EACH ROW
|
|
INSERT INTO t2 VALUES(CURRENT_USER());
|
|
|
|
---> patching t1.TRG...
|
|
|
|
CREATE TRIGGER wl2818_trg2 AFTER INSERT ON t1
|
|
FOR EACH ROW
|
|
INSERT INTO t2 VALUES(CURRENT_USER());
|
|
Warnings:
|
|
Warning 1454 No definer attribute for trigger 'mysqltest_db1'.'wl2818_trg1'. The trigger will be activated under the authorization of the invoker, which may have insufficient privileges. Please recreate the trigger.
|
|
|
|
SELECT trigger_name, definer FROM INFORMATION_SCHEMA.TRIGGERS ORDER BY trigger_name;
|
|
trigger_name definer
|
|
wl2818_trg1
|
|
wl2818_trg2 mysqltest_dfn@localhost
|
|
Warnings:
|
|
Warning 1454 No definer attribute for trigger 'mysqltest_db1'.'wl2818_trg1'. The trigger will be activated under the authorization of the invoker, which may have insufficient privileges. Please recreate the trigger.
|
|
|
|
SELECT * FROM INFORMATION_SCHEMA.TRIGGERS ORDER BY trigger_name;
|
|
TRIGGER_CATALOG TRIGGER_SCHEMA TRIGGER_NAME EVENT_MANIPULATION EVENT_OBJECT_CATALOG EVENT_OBJECT_SCHEMA EVENT_OBJECT_TABLE ACTION_ORDER ACTION_CONDITION ACTION_STATEMENT ACTION_ORIENTATION ACTION_TIMING ACTION_REFERENCE_OLD_TABLE ACTION_REFERENCE_NEW_TABLE ACTION_REFERENCE_OLD_ROW ACTION_REFERENCE_NEW_ROW CREATED SQL_MODE DEFINER
|
|
NULL mysqltest_db1 wl2818_trg1 INSERT NULL mysqltest_db1 t1 0 NULL INSERT INTO t2 VALUES(CURRENT_USER()) ROW BEFORE NULL NULL OLD NEW NULL
|
|
NULL mysqltest_db1 wl2818_trg2 INSERT NULL mysqltest_db1 t1 0 NULL INSERT INTO t2 VALUES(CURRENT_USER()) ROW AFTER NULL NULL OLD NEW NULL mysqltest_dfn@localhost
|