Changeset: c65a60e3b9cb for MonetDB URL: https://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=c65a60e3b9cb Modified Files: sql/server/sql_privileges.c Branch: Mar2018 Log Message:
fix for bug 6628 (users are allowed to access there temporary tables) diffs (12 lines): diff --git a/sql/server/sql_privileges.c b/sql/server/sql_privileges.c --- a/sql/server/sql_privileges.c +++ b/sql/server/sql_privileges.c @@ -446,7 +446,7 @@ int table_privs(mvc *m, sql_table *t, int priv) { /* temporary tables are owned by the session user */ - if (t->persistence == SQL_DECLARED_TABLE || (priv == PRIV_SELECT && (t->persistence != SQL_PERSIST || t->commit_action))) + if (t->persistence == SQL_DECLARED_TABLE || (!t->system && t->persistence != SQL_PERSIST) || (priv == PRIV_SELECT && (t->persistence != SQL_PERSIST || t->commit_action))) return 1; if (admin_privs(m->user_id) || admin_privs(m->role_id) || (t->s && (m->user_id == t->s->auth_id || m->role_id == t->s->auth_id)) || sql_privilege(m, m->user_id, t->base.id, priv, 0) == priv || sql_privilege(m, m->role_id, t->base.id, priv, 0) == priv || sql_privilege(m, ROLE_PUBLIC, t->base.id, priv, 0) == priv) { return 1; _______________________________________________ checkin-list mailing list checkin-list@monetdb.org https://www.monetdb.org/mailman/listinfo/checkin-list