diff options
| -rw-r--r-- | mysql-test/r/plugin_not_embedded.result | 11 | ||||
| -rw-r--r-- | mysql-test/t/plugin_not_embedded-master.opt | 1 | ||||
| -rw-r--r-- | mysql-test/t/plugin_not_embedded.test | 20 | ||||
| -rw-r--r-- | sql/sql_plugin.cc | 2 |
4 files changed, 34 insertions, 0 deletions
diff --git a/mysql-test/r/plugin_not_embedded.result b/mysql-test/r/plugin_not_embedded.result new file mode 100644 index 00000000000..ca6b1e5b1f4 --- /dev/null +++ b/mysql-test/r/plugin_not_embedded.result @@ -0,0 +1,11 @@ +# +# Bug#51770: UNINSTALL PLUGIN requires no privileges +# +GRANT INSERT ON mysql.plugin TO bug51770@localhost; +INSTALL PLUGIN example SONAME 'ha_example.so'; +UNINSTALL PLUGIN example; +ERROR 42000: DELETE command denied to user 'bug51770'@'localhost' for table 'plugin' +GRANT DELETE ON mysql.plugin TO bug51770@localhost; +FLUSH PRIVILEGES; +UNINSTALL PLUGIN example; +DROP USER bug51770@localhost; diff --git a/mysql-test/t/plugin_not_embedded-master.opt b/mysql-test/t/plugin_not_embedded-master.opt new file mode 100644 index 00000000000..367d5233e0e --- /dev/null +++ b/mysql-test/t/plugin_not_embedded-master.opt @@ -0,0 +1 @@ +$EXAMPLE_PLUGIN_OPT diff --git a/mysql-test/t/plugin_not_embedded.test b/mysql-test/t/plugin_not_embedded.test new file mode 100644 index 00000000000..eea7deab40c --- /dev/null +++ b/mysql-test/t/plugin_not_embedded.test @@ -0,0 +1,20 @@ +--source include/not_embedded.inc +--source include/have_example_plugin.inc + +--echo # +--echo # Bug#51770: UNINSTALL PLUGIN requires no privileges +--echo # + +GRANT INSERT ON mysql.plugin TO bug51770@localhost; +connect(con1,localhost,bug51770,,); +eval INSTALL PLUGIN example SONAME $HA_EXAMPLE_SO; +--error ER_TABLEACCESS_DENIED_ERROR +UNINSTALL PLUGIN example; +connection default; +GRANT DELETE ON mysql.plugin TO bug51770@localhost; +FLUSH PRIVILEGES; +connection con1; +UNINSTALL PLUGIN example; +disconnect con1; +connection default; +DROP USER bug51770@localhost; diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc index 9e35e392d2a..0706ef24881 100644 --- a/sql/sql_plugin.cc +++ b/sql/sql_plugin.cc @@ -1736,6 +1736,8 @@ bool mysql_uninstall_plugin(THD *thd, const LEX_STRING *name) bzero(&tables, sizeof(tables)); tables.db= (char *)"mysql"; tables.table_name= tables.alias= (char *)"plugin"; + if (check_table_access(thd, DELETE_ACL, &tables, 1, FALSE)) + DBUG_RETURN(TRUE); /* need to open before acquiring LOCK_plugin or it will deadlock */ if (! (table= open_ltable(thd, &tables, TL_WRITE, 0))) |