Issue Details (XML | Word | Printable)

Key: CORE-5840
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Roman Simakov
Reporter: Roman Simakov
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Firebird Core

Ignor of reference privilege

Created: 05/Jun/18 01:12 PM   Updated: 22/Sep/18 04:28 AM
Component/s: Engine
Affects Version/s: 4.0 Alpha 1, 3.0.3
Fix Version/s: 3.0.4, 4.0 Beta 1

QA Status: Done successfully


 Description  « Hide
The script should provide an error "no permission for REFERENCES access to TABLE T1" but passes OK.

create database sysdba;
create user user1 password 'pass';
create table t1 (id int not null primary key, name varchar(100));
grant create table to user1;

connect user1;
create table t2 (id int references t1(id));


 All   Comments   Change History   Subversion Commits      Sort Order: Descending order - Click to sort in ascending order
Roman Simakov added a comment - 05/Jun/18 01:24 PM
SCL_references must be checked for DDL operation of index creation and we need to ignore TDBB_trusted_ddl flag in this case. More general solution is to remove TDBB_trusted_dll flag since its purpose to allow system table modification due DDL operations. It requires removing SCL_checks... from VIO_{store,erase,motify}. It's quite possible but not so trivial as at fist look.