diff options
author | Sergey Glukhov <Sergey.Glukhov@sun.com> | 2009-06-25 15:52:50 +0500 |
---|---|---|
committer | Sergey Glukhov <Sergey.Glukhov@sun.com> | 2009-06-25 15:52:50 +0500 |
commit | 5eab9716ba7e335824ee373780f623355627d25b (patch) | |
tree | 110d33c36b9cead9673ed59e6d99bd2964dee00d /mysql-test | |
parent | 1d9b7877fc099c4e6f018c4da0014e042f64ce78 (diff) | |
download | mariadb-git-5eab9716ba7e335824ee373780f623355627d25b.tar.gz |
Bug#45412 SHOW CREATE TRIGGER does not require privileges to disclose trigger data
Added privilege checking to SHOW CREATE TRIGGER code.
mysql-test/r/trigger_notembedded.result:
test result
mysql-test/t/trigger_notembedded.test:
test case
sql/sql_show.cc:
Added privilege checking to SHOW CREATE TRIGGER code.
Diffstat (limited to 'mysql-test')
-rw-r--r-- | mysql-test/r/trigger_notembedded.result | 14 | ||||
-rw-r--r-- | mysql-test/t/trigger_notembedded.test | 23 |
2 files changed, 37 insertions, 0 deletions
diff --git a/mysql-test/r/trigger_notembedded.result b/mysql-test/r/trigger_notembedded.result index 1e13bff03b1..335e6910a3a 100644 --- a/mysql-test/r/trigger_notembedded.result +++ b/mysql-test/r/trigger_notembedded.result @@ -462,4 +462,18 @@ unlock tables; select * from t1; i drop table t1; +CREATE DATABASE db1; +CREATE TABLE db1.t1 (a char(30)) ENGINE=MEMORY; +CREATE TRIGGER db1.trg AFTER INSERT ON db1.t1 FOR EACH ROW +INSERT INTO db1.t1 VALUES('Some very sensitive data goes here'); +CREATE USER 'no_rights'@'localhost'; +REVOKE ALL ON *.* FROM 'no_rights'@'localhost'; +FLUSH PRIVILEGES; +SELECT trigger_name FROM INFORMATION_SCHEMA.TRIGGERS +WHERE trigger_schema = 'db1'; +trigger_name +SHOW CREATE TRIGGER db1.trg; +ERROR 42000: Access denied; you need the TRIGGER privilege for this operation +DROP USER 'no_rights'@'localhost'; +DROP DATABASE db1; End of 5.1 tests. diff --git a/mysql-test/t/trigger_notembedded.test b/mysql-test/t/trigger_notembedded.test index 9588ec6e3ed..7a7e6c6bc85 100644 --- a/mysql-test/t/trigger_notembedded.test +++ b/mysql-test/t/trigger_notembedded.test @@ -909,4 +909,27 @@ select * from t1; drop table t1; disconnect flush; +# +# Bug#45412 SHOW CREATE TRIGGER does not require privileges to disclose trigger data +# +CREATE DATABASE db1; +CREATE TABLE db1.t1 (a char(30)) ENGINE=MEMORY; +CREATE TRIGGER db1.trg AFTER INSERT ON db1.t1 FOR EACH ROW + INSERT INTO db1.t1 VALUES('Some very sensitive data goes here'); + +CREATE USER 'no_rights'@'localhost'; +REVOKE ALL ON *.* FROM 'no_rights'@'localhost'; +FLUSH PRIVILEGES; + +connect (con1,localhost,no_rights,,); +SELECT trigger_name FROM INFORMATION_SCHEMA.TRIGGERS + WHERE trigger_schema = 'db1'; +--error ER_SPECIFIC_ACCESS_DENIED_ERROR +SHOW CREATE TRIGGER db1.trg; + +connection default; +disconnect con1; +DROP USER 'no_rights'@'localhost'; +DROP DATABASE db1; + --echo End of 5.1 tests. |