mirror of
https://github.com/MariaDB/server.git
synced 2025-01-25 00:04:33 +01:00
84dc95cfcd
post push fix Updated partition_symlink since different error behavior if embedded (or not partitioned) mysql-test/r/partition_symlink.result: Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY updated result file mysql-test/t/partition_symlink.test: Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY Fix for embedded
172 lines
5.7 KiB
Text
172 lines
5.7 KiB
Text
# Test that must have symlink. eg. using DATA/INDEX DIR
|
|
# (DATA/INDEX DIR requires symlinks)
|
|
-- source include/have_partition.inc
|
|
-- source include/have_symlink.inc
|
|
# remove the not_windows line after fixing bug#33687
|
|
# symlinks must also work for files, not only directories
|
|
# as in --skip-symbolic-links
|
|
-- source include/not_windows.inc
|
|
-- disable_warnings
|
|
DROP TABLE IF EXISTS t1;
|
|
DROP DATABASE IF EXISTS mysqltest2;
|
|
-- enable_warnings
|
|
|
|
#
|
|
# Bug 32091: Security breach via directory changes
|
|
#
|
|
# The below test shows that a pre-existing table mysqltest2.t1 cannot be
|
|
# replaced by a user with no rights in 'mysqltest2'. The altered table
|
|
# test.t1 will be altered (remove partitioning) into the test directory
|
|
# and having its partitions removed from the mysqltest2 directory.
|
|
# (the partitions data files are named <tablename>#P#<partname>.MYD
|
|
# and will not collide with a non partitioned table's data files.)
|
|
# NOTE: the privileges on files and directories are the same for all
|
|
# database users in mysqld, though mysqld enforces privileges on
|
|
# the database and table levels which in turn maps to directories and
|
|
# files, but not the other way around (any db-user can use any
|
|
# directory or file that the mysqld-process can use, via DATA/INDEX DIR)
|
|
# this is the security flaw that was used in bug#32091 and bug#32111
|
|
|
|
-- echo # Creating two non colliding tables mysqltest2.t1 and test.t1
|
|
-- echo # test.t1 have partitions in mysqltest2-directory!
|
|
-- echo # user root:
|
|
CREATE USER mysqltest_1@localhost;
|
|
CREATE DATABASE mysqltest2;
|
|
USE mysqltest2;
|
|
CREATE TABLE t1 (a INT);
|
|
INSERT INTO t1 VALUES (0);
|
|
connect(con1,localhost,mysqltest_1,,);
|
|
-- echo # user mysqltest_1:
|
|
USE test;
|
|
-- replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
|
eval CREATE TABLE t1 (a INT)
|
|
PARTITION BY LIST (a) (
|
|
PARTITION p0 VALUES IN (0)
|
|
DATA DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
INDEX DIRECTORY '$MYSQLTEST_VARDIR/tmp',
|
|
PARTITION p1 VALUES IN (1)
|
|
DATA DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
INDEX DIRECTORY '$MYSQLTEST_VARDIR/tmp',
|
|
PARTITION p2 VALUES IN (2)
|
|
);
|
|
-- echo # without the patch for bug#32091 this would create
|
|
-- echo # files mysqltest2/t1.MYD + .MYI and possible overwrite
|
|
-- echo # the mysqltest2.t1 table (depending on bug#32111)
|
|
-- replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
|
ALTER TABLE t1 REMOVE PARTITIONING;
|
|
INSERT INTO t1 VALUES (1);
|
|
SELECT * FROM t1;
|
|
connection default;
|
|
-- echo # user root:
|
|
USE mysqltest2;
|
|
FLUSH TABLES;
|
|
-- echo # if the patch works, this should be different
|
|
-- echo # and before the patch they were the same!
|
|
SELECT * FROM t1;
|
|
USE test;
|
|
SELECT * FROM t1;
|
|
DROP TABLE t1;
|
|
DROP DATABASE mysqltest2;
|
|
# The below test shows that a pre-existing partition can not be
|
|
# destroyed by a new partition from another table.
|
|
# (Remember that a table or partition that uses the DATA/INDEX DIR
|
|
# is symlinked and thus has
|
|
# 1. the real file in the DATA/INDEX DIR and
|
|
# 2. a symlink in its default database directory pointing to
|
|
# the real file.
|
|
# So it is using/blocking 2 files in (in 2 different directories
|
|
-- echo # test that symlinks can not overwrite files when CREATE TABLE
|
|
-- echo # user root:
|
|
|
|
CREATE DATABASE mysqltest2;
|
|
USE mysqltest2;
|
|
-- replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
|
eval CREATE TABLE t1 (a INT)
|
|
PARTITION BY LIST (a) (
|
|
PARTITION p0 VALUES IN (0)
|
|
DATA DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
INDEX DIRECTORY '$MYSQLTEST_VARDIR/tmp',
|
|
PARTITION p1 VALUES IN (1)
|
|
DATA DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
INDEX DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
);
|
|
connection con1;
|
|
-- echo # user mysqltest_1:
|
|
USE test;
|
|
-- replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
|
-- error 1,1
|
|
eval CREATE TABLE t1 (a INT)
|
|
PARTITION BY LIST (a) (
|
|
PARTITION p0 VALUES IN (0)
|
|
DATA DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
INDEX DIRECTORY '$MYSQLTEST_VARDIR/tmp',
|
|
PARTITION p1 VALUES IN (1)
|
|
DATA DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
INDEX DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
);
|
|
-- replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
|
-- error 1,1
|
|
eval CREATE TABLE t1 (a INT)
|
|
PARTITION BY LIST (a) (
|
|
PARTITION p0 VALUES IN (0)
|
|
DATA DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
INDEX DIRECTORY '$MYSQLTEST_VARDIR/tmp',
|
|
PARTITION p1 VALUES IN (1)
|
|
DATA DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
INDEX DIRECTORY '$MYSQLTEST_VARDIR/tmp'
|
|
);
|
|
connection default;
|
|
-- echo # user root (cleanup):
|
|
DROP DATABASE mysqltest2;
|
|
USE test;
|
|
DROP USER mysqltest_1@localhost;
|
|
disconnect con1;
|
|
|
|
#
|
|
# Bug #24633 SQL MODE "NO_DIR_IN_CREATE" does not work with partitioned tables
|
|
#
|
|
|
|
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
|
eval create table t2 (i int )
|
|
partition by range (i)
|
|
(
|
|
partition p01 values less than (1000)
|
|
data directory="$MYSQLTEST_VARDIR/tmp"
|
|
index directory="$MYSQLTEST_VARDIR/tmp"
|
|
);
|
|
|
|
set @org_mode=@@sql_mode;
|
|
set @@sql_mode='NO_DIR_IN_CREATE';
|
|
select @@sql_mode;
|
|
create table t1 (i int )
|
|
partition by range (i)
|
|
(
|
|
partition p01 values less than (1000)
|
|
data directory='/not/existing'
|
|
index directory='/not/existing'
|
|
);
|
|
|
|
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
|
show create table t2;
|
|
DROP TABLE t1, t2;
|
|
set @@sql_mode=@org_mode;
|
|
|
|
#
|
|
# Bug 21350: Data Directory problems
|
|
#
|
|
# Added ER_WRONG_TABLE_NAME and reported bug#39045
|
|
-- error ER_WRONG_ARGUMENTS, ER_WRONG_TABLE_NAME
|
|
create table t1 (a int)
|
|
partition by key (a)
|
|
(partition p0 DATA DIRECTORY 'part-data' INDEX DIRECTORY 'part-data');
|
|
|
|
#
|
|
# Insert a test that manages to create the first partition and fails with
|
|
# the second, ensure that we clean up afterwards in a proper manner.
|
|
#
|
|
# Added ER_WRONG_TABLE_NAME and reported bug#39045
|
|
--error ER_WRONG_ARGUMENTS, ER_WRONG_TABLE_NAME
|
|
create table t1 (a int)
|
|
partition by key (a)
|
|
(partition p0,
|
|
partition p1 DATA DIRECTORY 'part-data' INDEX DIRECTORY 'part-data');
|