← Back to team overview

ourdelta-developers team mailing list archive

  1. ourdelta-developers team
  2. Mailing list archive
  3. Message #00322

Re: [Bug 352840] Re: INNODB_BUFFER_POOL_CONTENT privacy issue

  Thread PreviousDate PreviousThread Next 
On Sun, Aug 2, 2009 at 6:50 PM, Yasufumi
Kinoshita<yasufumi.kinoshita@xxxxxxxxxxx> wrote:
> I think "PROCESS privilege" may be more proper than "SUPER privilege".
>
> http://dev.mysql.com/doc/refman/5.0/en/privileges-provided.html
>
>
> I have fixed also "INNODB_IO_PATTERN".
>
> http://bazaar.launchpad.net/~percona-dev/percona-patches/5.0.84-fix-
> bug-352840/revision/55
>
> Thank you.
>
>
> mysql> select * from INNODB_BUFFER_POOL_CONTENT;
> ERROR 1227 (42000): Access denied; you need the PROCESS privilege for this operation
> mysql> select * from INNODB_IO_PATTERN;
> ERROR 1227 (42000): Access denied; you need the PROCESS privilege for this operation
>
> ** Branch linked: lp:~percona-dev/percona-patches/5.0.84-fix-bug-352840
>
> ** Changed in: percona-patches
>       Status: Confirmed => Fix Committed
>
> --
> INNODB_BUFFER_POOL_CONTENT privacy issue
> https://bugs.launchpad.net/bugs/352840
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in OurDelta - Builds for MySQL: Confirmed
> Status in Patches for MySQL by Percona: Fix Committed
>
> Bug description:
> INNODB_BUFFER_POOL_CONTENT does not prune rows returned in terms of what databases/tables the requesting user has access to. In many environments it is unacceptable for user to have access to data about the names of all database and table that exist on the instance.
>
> I suggest that access to INNODB_BUFFER_POOL_CONTENT be restricted to user that have the SUPER privilege.
>

>From my perspective that works. Super and Process are not given to
customers.

-- 
Rob Wultsch
wultsch@xxxxxxxxx

-- 
INNODB_BUFFER_POOL_CONTENT privacy issue
https://bugs.launchpad.net/bugs/352840
You received this bug notification because you are a member of OurDelta-
developers, which is the registrant for OurDelta.

Status in OurDelta - Builds for MySQL: Confirmed
Status in Patches for MySQL by Percona: Fix Committed

Bug description:
INNODB_BUFFER_POOL_CONTENT does not prune rows returned in terms of what databases/tables the requesting user has access to. In many environments it is unacceptable for user to have access to data about the names of all database and table that exist on the instance.

I suggest that access to INNODB_BUFFER_POOL_CONTENT be restricted to user that have the SUPER privilege.

References

  Thread PreviousDate PreviousThread Next