Operator REVOKE can modify rights granted to system tables at DB creation time
------------------------------------------------------------------------------
Key: CORE-4980
URL: http://tracker.firebirdsql.org/browse/CORE-4980
Project: Firebird Core
Issue Type: Bug
Components: Engine
Affects Versions: 3.0 RC 1
Reporter: Alexander Peshkov
Some forms of SQL operator REVOKE can trash access rights to system tables. For
example:
REVOKE ALL ON ALL FROM <DB-owner>
REVOKE ALL ON ALL FROM PUBLIC
REVOKE SELECT ON RDB$RELATIONS FROM PUBLIC
As a result it's very easy to have a database from which none can read (for
example) list of tables.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
