Issue Details (XML | Word | Printable)

Key: CORE-5840
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Roman Simakov
Reporter: Roman Simakov
Votes: 0
Watchers: 0

If you were logged in you would be able to see more operations.
Firebird Core

Ignor of reference privilege

Created: 05/Jun/18 01:12 PM   Updated: 22/Sep/18 04:28 AM
Component/s: Engine
Affects Version/s: 4.0 Alpha 1, 3.0.3
Fix Version/s: 3.0.4, 4.0 Beta 1

QA Status: Done successfully

 Description  « Hide
The script should provide an error "no permission for REFERENCES access to TABLE T1" but passes OK.

create database sysdba;
create user user1 password 'pass';
create table t1 (id int not null primary key, name varchar(100));
grant create table to user1;

connect user1;
create table t2 (id int references t1(id));

 All   Comments   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Roman Simakov made changes - 05/Jun/18 01:12 PM
Field Original Value New Value
Assignee Roman Simakov [ roman-simakov ]
Roman Simakov added a comment - 05/Jun/18 01:24 PM
SCL_references must be checked for DDL operation of index creation and we need to ignore TDBB_trusted_ddl flag in this case. More general solution is to remove TDBB_trusted_dll flag since its purpose to allow system table modification due DDL operations. It requires removing SCL_checks... from VIO_{store,erase,motify}. It's quite possible but not so trivial as at fist look.

Roman Simakov made changes - 05/Jun/18 01:24 PM
Status Open [ 1 ] Resolved [ 5 ]
Fix Version/s 4.0 Beta 1 [ 10750 ]
Fix Version/s 3.0.4 [ 10863 ]
Resolution Fixed [ 1 ]
Pavel Zotov made changes - 08/Jun/18 10:46 PM
Status Resolved [ 5 ] Resolved [ 5 ]
QA Status No test Done successfully
Pavel Zotov made changes - 08/Jun/18 10:46 PM
Status Resolved [ 5 ] Closed [ 6 ]
Dmitry Yemanov made changes - 22/Sep/18 04:28 AM
Security Developers [ 10012 ]