You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0
Build Identifier:
When I create a new user and want to grant her only select access to a table, she can still update the table.
Reproducible: Always
Steps to Reproduce:
1.monetdb create grantupd; monetdb start grantupd; monetdb release grantupd;
2.mclient -d grantupd
3.sql>create table version (name varchar(10), i int);insert into version (name,i) values ('test1', 1);
4.sql>CREATE USER "bart" WITH PASSWORD 'bart' NAME 'Bart Simpson' SCHEMA "sys";
5.sql>GRANT SELECT ON TABLE version TO bart;
6.sql>\q
7.mclient -d grantupd -ubart
sql>select * from version;
+-------+------+
| name | i |
+=======+======+
| test1 | 1 |
+-------+------+
1 tuple (1.631ms)
sql>delete from version;
DELETE FROM: insufficient privileges for user 'bart' to delete from table 'version'
sql>insert into version (name,i) values ('test3', 3);
INSERT INTO: insufficient privileges for user 'bart' to insert into table 'version'
All correct, but:
sql>update version set i = 2;
1 affected row (32.151ms)
sql>select * from version;
+-------+------+
| name | i |
+=======+======+
| test1 | 2 |
+-------+------+
1 tuple (1.364ms)
Actual Results:
UPDATE GRANT neglected.
Expected Results:
insufficient privileges
This is also incorrect when working in another than sys schema.
Date: 2013-02-07 11:37:11 +0100
From: @bartscheers
To: SQL devs <>
Version: 11.15.1 (Feb2013)
CC: @njnes
Last updated: 2013-03-07 12:41:22 +0100
Comment 18455
Date: 2013-02-07 11:37:11 +0100
From: @bartscheers
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0
Build Identifier:
When I create a new user and want to grant her only select access to a table, she can still update the table.
Reproducible: Always
Steps to Reproduce:
1.monetdb create grantupd; monetdb start grantupd; monetdb release grantupd;
2.mclient -d grantupd
3.sql>create table version (name varchar(10), i int);insert into version (name,i) values ('test1', 1);
4.sql>CREATE USER "bart" WITH PASSWORD 'bart' NAME 'Bart Simpson' SCHEMA "sys";
5.sql>GRANT SELECT ON TABLE version TO bart;
6.sql>\q
7.mclient -d grantupd -ubart
sql>select * from version;
+-------+------+
| name | i |
+=======+======+
| test1 | 1 |
+-------+------+
1 tuple (1.631ms)
sql>delete from version;
DELETE FROM: insufficient privileges for user 'bart' to delete from table 'version'
sql>insert into version (name,i) values ('test3', 3);
INSERT INTO: insufficient privileges for user 'bart' to insert into table 'version'
All correct, but:
sql>update version set i = 2;
1 affected row (32.151ms)
sql>select * from version;
+-------+------+
| name | i |
+=======+======+
| test1 | 2 |
+-------+------+
1 tuple (1.364ms)
Actual Results:
UPDATE GRANT neglected.
Expected Results:
insufficient privileges
This is also incorrect when working in another than sys schema.
Comment 18468
Date: 2013-02-13 13:37:56 +0100
From: @njnes
Changeset febda30627eb made by Niels Nes niels@cwi.nl in the MonetDB repo, refers to this bug.
For complete details, see http//devmonetdborg/hg/MonetDB?cmd=changeset;node=febda30627eb
Changeset description:
Comment 18469
Date: 2013-02-13 13:39:01 +0100
From: @njnes
proper checks were missing...
Comment 18589
Date: 2013-03-07 12:41:22 +0100
From: @sjoerdmullender
Feb2013-SP1 has been released.
The text was updated successfully, but these errors were encountered: