Date: 2013-02-07 11:37:11 +0100
From: @bartscheers
To: SQL devs <>
Version: 11.15.1 (Feb2013)
CC: @njnes

Last updated: 2013-03-07 12:41:22 +0100

Comment 18455

Date: 2013-02-07 11:37:11 +0100
From: @bartscheers

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0
Build Identifier:

When I create a new user and want to grant her only select access to a table, she can still update the table.

Reproducible: Always

Steps to Reproduce:

1.monetdb create grantupd; monetdb start grantupd; monetdb release grantupd;
2.mclient -d grantupd
3.sql>create table version (name varchar(10), i int);insert into version (name,i) values ('test1', 1);
4.sql>CREATE USER "bart" WITH PASSWORD 'bart' NAME 'Bart Simpson' SCHEMA "sys";
5.sql>GRANT SELECT ON TABLE version TO bart;
6.sql>\q

7.mclient -d grantupd -ubart
sql>select * from version;
+-------+------+
| name | i |
+=======+======+
| test1 | 1 |
+-------+------+
1 tuple (1.631ms)

sql>delete from version;
DELETE FROM: insufficient privileges for user 'bart' to delete from table 'version'
sql>insert into version (name,i) values ('test3', 3);
INSERT INTO: insufficient privileges for user 'bart' to insert into table 'version'

All correct, but:
sql>update version set i = 2;
1 affected row (32.151ms)
sql>select * from version;
+-------+------+
| name | i |
+=======+======+
| test1 | 2 |
+-------+------+
1 tuple (1.364ms)

Actual Results:

UPDATE GRANT neglected.

Expected Results:

insufficient privileges

This is also incorrect when working in another than sys schema.

Comment 18468

Date: 2013-02-13 13:37:56 +0100
From: @njnes

Changeset febda30627eb made by Niels Nes niels@cwi.nl in the MonetDB repo, refers to this bug.

For complete details, see http//devmonetdborg/hg/MonetDB?cmd=changeset;node=febda30627eb

Changeset description:

add test(s) for bug #3229

Comment 18469

Date: 2013-02-13 13:39:01 +0100
From: @njnes

proper checks were missing...

Comment 18589

Date: 2013-03-07 12:41:22 +0100
From: @sjoerdmullender

Feb2013-SP1 has been released.