Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-1723

Database owner revokes select privilege from a schema owner but owner is still able to select

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 10.2.1.6
    • None
    • SQL
    • None
    • Sun JDK 1.4.2

    Description

      Database owner attempts to revoke select privilege from a schema owner's own table but the owner later can still select from the revoked table. Behavior is inconsistent. e.g.:

      ij version 10.2
      ij> connect 'jdbc:derby:wombat;create=true' user 'user1' as user1;
      WARNING 01J14: SQL authorization is being used without first enabling authentication.
      ij> connect 'jdbc:derby:wombat' user 'user2' as user2;
      WARNING 01J14: SQL authorization is being used without first enabling authentication.
      ij(USER2)> create table tshared0 (i int);
      0 rows inserted/updated/deleted
      ij(USER2)> – db owner tries to revoke select access from schema owner user2
      set connection user1;
      ij(USER1)> revoke select on user2.tshared0 from user2;
      0 rows inserted/updated/deleted
      ij(USER1)> set connection user2;
      ij(USER2)> select * from user2.tshared0;
      I
      -----------

      0 rows selected
      ij(USER2)>

      sysinfo:
      ------------------ Java Information ------------------
      Java Version: 1.4.2_12
      Java Vendor: Sun Microsystems Inc.
      Java home: C:\Program Files\Java\j2re1.4.2_12
      Java classpath: derby.jar;derbytools.jar
      OS name: Windows XP
      OS architecture: x86
      OS version: 5.1
      Java user name: Yip
      Java user home: C:\Documents and Settings\Yip
      Java user dir: C:\work3\derby\tests\derby-10.2.1.0\lib
      java.specification.name: Java Platform API Specification
      java.specification.version: 1.4
      --------- Derby Information --------
      JRE - JDBC: J2SE 1.4.2 - JDBC 3.0
      [C:\work3\derby\tests\derby-10.2.1.0\lib\derby.jar] 10.2.1.0 beta - (430903)
      [C:\work3\derby\tests\derby-10.2.1.0\lib\derbytools.jar] 10.2.1.0 beta - (430903)
      ------------------------------------------------------
      ----------------- Locale Information -----------------
      Current Locale : [English/United States [en_US]]
      Found support for locale: [de_DE]
      version: 10.2.1.0 - (430903)
      Found support for locale: [es]
      version: 10.2.1.0 - (430903)
      Found support for locale: [fr]
      version: 10.2.1.0 - (430903)
      Found support for locale: [it]
      version: 10.2.1.0 - (430903)
      Found support for locale: [ja_JP]
      version: 10.2.1.0 - (430903)
      Found support for locale: [ko_KR]
      version: 10.2.1.0 - (430903)
      Found support for locale: [pt_BR]
      version: 10.2.1.0 - (430903)
      Found support for locale: [zh_CN]
      version: 10.2.1.0 - (430903)
      Found support for locale: [zh_TW]
      version: 10.2.1.0 - (430903)
      ------------------------------------------------------

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. DERBY-464 Enhance Derby by adding grant/revoke support. Grant/Revoke provide finner level of privileges than currently provided by Derby that is especially useful in network configurations.

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              yipng Yip Ng
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: