maria-developers team mailing list archive
-
maria-developers team
-
Mailing list archive
-
Message #11273
Re: 326db1a: Mdev-14853 Grant does not work correctly when table contains...
Hi, Sachin!
On Apr 26, sachin wrote:
> revision-id: 326db1a2aaa9b275a1a21a863e8cd2d9fa1b1d5f (mariadb-10.3.6-46-g326db1a)
> parent(s): 9477a2a9ba17c0db362e2bb39d5048e369096f39
> author: Sachin Setiya
> committer: Sachin Setiya
> timestamp: 2018-04-26 12:47:25 +0530
> message:
>
> Mdev-14853 Grant does not work correctly when table contains...
> SYSTEM_INVISIBLE or COMPLETELY_INVISIBLE
>
> This commit does multiple things to solve this mdev
> 1st add field into the parameter of check_column_grant_in_table_ref, so that
> we can find out field invisibility.
> 2nd If field->invisible >= INVISIBLE_SYSTEM skip access check and simple
> grant access.
Looks ok. A couple of comments about the test:
1. I suppose now you can use system versioning to test system invisible
fields, so there's no need to limit this test to debug-only builds.
2. please test a case when a user has *no* privileges on the table at
all. To make sure he cannot select always-readable system invisible
fields.
and change the capitalization in the commit comment to say MDEV not
Mdev - I suspect this was the reason why Jira didn't pick up your commit.
Thanks!
Sergei
Chief Architect MariaDB
and security@xxxxxxxxxxx