[
https://issues.apache.org/jira/browse/IGNITE-11673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16808556#comment-16808556
]
Andrew Mashenkov commented on IGNITE-11673:
-------------------------------------------
[~rkondakov],
"executeSelect0()" is called from executeSelect() and executeSelectFromDml()
methods.
Security check is present in first one, but missed in second one.
So, before your fix, Dml query execution looks not secured at all and after fix
security checks can be performed twice.
Also, I've found "executeDml()" and "executeCommand()" (see querySqlFields)
also has no security checks.
Do we need to create a separate ticket for this or I've missed smth?
> SQL: It looks like security check is missed in h2 indexing.
> -----------------------------------------------------------
>
> Key: IGNITE-11673
> URL: https://issues.apache.org/jira/browse/IGNITE-11673
> Project: Ignite
> Issue Type: Bug
> Components: sql
> Reporter: Roman Kondakov
> Assignee: Roman Kondakov
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Security check is no longer conducted in {{IgniteH2Indexing#executeSelect0}}
> after IGNITE-10104 having been merged.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
