Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-3736

Revoking a column level privilege from a user, a prepared statement relying on that privilege can still be executed

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 10.3.1.4, 10.3.2.1, 10.3.3.0, 10.4.1.3
    • Fix Version/s: 10.4.2.0, 10.5.1.1
    • Component/s: SQL
    • Labels:
      None
    • Bug behavior facts:
      Regression, Security

      Description

      When a table level SELECT privilege is revoked, a dependent prepared statement is
      invalidated and can no longer be executed, but in the case of a column level privilege
      SELECT privilege, the dependent prepared statement can still be executed.

      This works as expected in 10.2, but does not work in all 10.3 and 10.4 releases.

        Attachments

        1. table-level.sql
          0.3 kB
          Dag H. Wanvik
        2. column-level.sql
          0.4 kB
          Dag H. Wanvik
        3. GrantRevokeDDLTest.diff
          2 kB
          Dag H. Wanvik
        4. derby-3736.diff
          2 kB
          Dag H. Wanvik
        5. derby-3736.stat
          0.2 kB
          Dag H. Wanvik
        6. derby-3736b.diff
          3 kB
          Dag H. Wanvik
        7. derby-3736b.stat
          0.2 kB
          Dag H. Wanvik

          Issue Links

            Activity

              People

              • Assignee:
                dagw Dag H. Wanvik
                Reporter:
                dagw Dag H. Wanvik
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: