Bug #20901: CREATE privilege is enough to insert into a table

CREATE TABLE IF NOT EXISTS ... SELECT let you insert into an existing
table as long as you had the CREATE privilege.  CREATE ... SELECT
variants now always require INSERT privilege on target table.


mysql-test/r/create.result:
  Show that CREATE...SELECT requires INSERT privilege on target table.
mysql-test/r/grant.result:
  Sort output for a defined state.
mysql-test/t/create.test:
  Show that CREATE...SELECT requires INSERT privilege on target table.
mysql-test/t/grant.test:
  Sort output for a defined state.
sql/sql_parse.cc:
  Require INSERT privilege on target table for CREATE ... SELECT.

1 files changed, 8 insertions, 1 deletions

diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 24f9ef30569..880a145903c 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -5832,8 +5832,15 @@ int create_table_precheck(THD *thd, TABLE_LIST *tables,
   int error= 1;                                 // Error message is given
   DBUG_ENTER("create_table_precheck");
 
+  /*
+    Require CREATE [TEMPORARY] privilege on new table; for
+    CREATE TABLE ... SELECT, also require INSERT.
+  */
+
   want_priv= ((lex->create_info.options & HA_LEX_CREATE_TMP_TABLE) ?
-              CREATE_TMP_ACL : CREATE_ACL);
+              CREATE_TMP_ACL : CREATE_ACL) |
+             (select_lex->item_list.elements ? INSERT_ACL : 0);
+
   if (check_access(thd, want_priv, create_table->db,
 		   &create_table->grant.privilege, 0, 0) ||
       check_merge_table_access(thd, create_table->db,