[prev in list] [next in list] [prev in thread] [next in thread]
List: mysql-bugs
Subject: Re: Excess Privileges required for SELECT INTO OUTFILE
From: Michael Widenius <monty () mysql ! com>
Date: 2002-06-06 13:30:07
[Download RAW message or body]
Hi!
>>>>> "Sinisa" == Sinisa Milivojevic <sinisa@mysql.com> writes:
Sinisa> mysql-readers@axoria.net writes:
>> Hi,
>>
>> Briefly, the problem is that one has to grant SELECT privilege on
>> entire database rather than just the table from which one is selecting
>> records in a SELECT INTO OUTFILE. (No other privileges set anywhere
>> apart from the FILE privilege of course.)
<cut>
Sinisa> Hi!
Sinisa> Thank you for your bug report, due to which we were able to fix a bug.
Sinisa> A fix is done for the moment only in 4.0.2. To fix it in 3.23, we
Sinisa> would have to make some changes regarding error message printing.
Sinisa> This is a patch that solves a problem :
<cut>
Here is a slightly better patch that will be in 3.23.52 and 4.0.2
===== sql/sql_parse.cc 1.233 vs edited =====
*** /tmp/sql_parse.cc-1.233-32464 Wed Jun 5 23:04:36 2002
--- edited/sql/sql_parse.cc Thu Jun 6 14:25:30 2002
***************
*** 2513,2519 ****
thd->priv_user, db); /* purecov: inspected */
else
db_access=thd->db_access;
! want_access &= ~EXTRA_ACL; // Remove SHOW attribute
db_access= ((*save_priv=(db_access | thd->master_access)) & want_access);
/* grant_option is set if there exists a single table or column grant */
--- 2513,2520 ----
thd->priv_user, db); /* purecov: inspected */
else
db_access=thd->db_access;
! // Remove SHOW attribute and access rights we already have
! want_access &= ~(thd->master_access | EXTRA_ACL);
db_access= ((*save_priv=(db_access | thd->master_access)) & want_access);
/* grant_option is set if there exists a single table or column grant */
Regards,
Monty
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail bugs-thread12078@lists.mysql.com
To unsubscribe, e-mail <bugs-unsubscribe@lists.mysql.com>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic