Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-1708

Unprivileged user can perform lock table statement on a table which he/she does not have any access rights

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 10.2.1.6
    • 10.2.1.6, 10.3.1.4
    • SQL
    • None
    • Sun JDK 1.4.2
    • Urgent

    Description

      An unprivileged user was able to lock a table for which he/she does not own. e.g.:

      ij version 10.2
      ij> connect 'jdbc:derby:wombat;create=true' user 'user1' as user1;
      WARNING 01J14: SQL authorization is being used without first enabling authentication.
      ij> create table t1 (i int);
      0 rows inserted/updated/deleted
      ij> connect 'jdbc:derby:wombat;create=true' user 'user2' as user2;
      WARNING 01J01: Database 'wombat' not created, connection made to existing database instead.
      WARNING 01J14: SQL authorization is being used without first enabling authentication.
      ij(USER2)> autocommit off;
      ij(USER2)> lock table user1.t1 in exclusive mode;
      0 rows inserted/updated/deleted

      sysinfo:
      ------------------ Java Information ------------------
      Java Version: 1.4.2_12
      Java Vendor: Sun Microsystems Inc.
      Java home: C:\Program Files\Java\j2re1.4.2_12
      Java classpath: derby.jar;derbytools.jar;.
      OS name: Windows XP
      OS architecture: x86
      OS version: 5.1
      Java user name: Yip
      Java user home: C:\Documents and Settings\Yip
      Java user dir: C:\work3\derby\tests\derby-10.2.1.0\lib
      java.specification.name: Java Platform API Specification
      java.specification.version: 1.4
      --------- Derby Information --------
      JRE - JDBC: J2SE 1.4.2 - JDBC 3.0
      [C:\work3\derby\tests\derby-10.2.1.0\lib\derby.jar] 10.2.1.0 beta - (430903)
      [C:\work3\derby\tests\derby-10.2.1.0\lib\derbytools.jar] 10.2.1.0 beta - (430903
      )
      ------------------------------------------------------
      ----------------- Locale Information -----------------
      Current Locale : [English/United States [en_US]]
      Found support for locale: [de_DE]
      version: 10.2.1.0 - (430903)
      Found support for locale: [es]
      version: 10.2.1.0 - (430903)
      Found support for locale: [fr]
      version: 10.2.1.0 - (430903)
      Found support for locale: [it]
      version: 10.2.1.0 - (430903)
      Found support for locale: [ja_JP]
      version: 10.2.1.0 - (430903)
      Found support for locale: [ko_KR]
      version: 10.2.1.0 - (430903)
      Found support for locale: [pt_BR]
      version: 10.2.1.0 - (430903)
      Found support for locale: [zh_CN]
      version: 10.2.1.0 - (430903)
      Found support for locale: [zh_TW]
      version: 10.2.1.0 - (430903)
      ------------------------------------------------------

      Attachments

        1. derby1708-10.2-diff01.txt
          4 kB
          Yip Ng
        2. derby1708-10.2-stat01.txt
          0.3 kB
          Yip Ng
        3. derby1708-trunk-diff01.txt
          4 kB
          Yip Ng
        4. derby1708-trunk-stat01.txt
          0.3 kB
          Yip Ng

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. DERBY-464 Enhance Derby by adding grant/revoke support. Grant/Revoke provide finner level of privileges than currently provided by Derby that is especially useful in network configurations.

          • Major - Major loss of function.
          • Closed

          Activity

            People

              yipng Yip Ng
              yipng Yip Ng
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: