maria-developers team mailing list archive
-
maria-developers team
-
Mailing list archive
-
Message #12203
Re: 784cc5970dd: MDEV-19650: Privilege bug on MariaDB 10.4
Hi, Oleksandr!
On Apr 20, Oleksandr Byelkin wrote:
> > > > > +
> > > > > +CREATE TEMPORARY TABLE tmp_user_sys LIKE global_priv;
> > > > > +INSERT INTO tmp_user_sys (Host,User,Priv) VALUES ('localhost','mariadb.sys','{"access":512,"plugin":"mysql_native_password","authentication_string":"","account_locked":true,"password_last_changed":0}');
> > > > > +INSERT INTO global_priv SELECT * FROM tmp_user_sys WHERE NOT @had_sys_user;
> > > > > +DROP TABLE tmp_user_sys;
> > > >
> > > > 1. This could've been simply INSERT IGNORE, I suspect
> > >
> > > Nope, the idea is do not insert more than needed.
> >
> > Why would INSERT IGNORE insert more than needed?
>
> I thought you propose insert ignore instead of where clause, in any case I
> do not see why it should help.
I mean, instead of four lines above, I think, one can simply do
INSERT IGNORE global_priv (Host,User,Priv) VALUES ('localhost','mariadb.sys','{"access":512,"plugin":"mysql_native_password","authentication_string":"","account_locked":true,"password_last_changed":0}');
> > > 2. why access:512 ? It's FILE_ACL, iirc.
> > >
> > > Because LOAD used in tests and so in reality probably, so we need
> > FILE_ACL
> >
> > We need FILE_ACL, but why mariadb.sys account needs it?
> > mysql.user is a read-only view of the mysql.global_priv table,
> > its owner doesn't need FILE or INSERT/UPDATE/DELETE.
>
> As I told we somewhere in test suite (not main, but I don't remember
> exactly) test which require the permission otherwise I would not return and
> add more rights.
Where? The view is clearly not insertable-into, so INSERT privilege is
meaningless. Some fields are updateable, and one can delele from it.
This was more accidental than intentional, but ok, let's not change it
in 10.4.
And why does it need FILE privilege? The view owner cannot possibly do
any LOAD DATA.
Regards,
Sergei
VP of MariaDB Server Engineering
and security@xxxxxxxxxxx
References