
Regression: generators can be seen/modified by unprivileged users [CORE4806] #5104

Closed
firebird-issue-importer opened this issue May 20, 2015 · 8 comments

Comments

@firebird-issue-importer

Submitted by: @pavel-zotov

Is related to CORE2553

Script:

show version;
set list on;
set echo on;

recreate sequence g;
commit;
drop user maverick;
commit;
create user maverick password '123';
commit;
revoke all on all from maverick;
commit;
revoke all on all from public;
commit;

show sequ;

set term ^;
execute block returns(who_am_i varchar(31), what_i_have_done_with_gen bigint) as
declare n bigint;
begin
execute statement 'select current_user, gen_id(g, -9871234598765) from rdb$database'
on external 'localhost:' || rdb$get_context('SYSTEM', 'DB_NAME')
as user 'maverick' password '123'
into who_am_i, what_i_have_done_with_gen;
suspend;
end
^
set term ;^
commit;

show sequ;

Output (starting from 1st 'show sequ' command):

1. On WI-T3.0.0.30566 Firebird 3.0 Alpha 1:

show sequ;
Generator G, current value is 0

set term ^;
execute block returns(who_am_i varchar(31), what_i_have_done_with_gen bigint) as
declare n bigint;
begin
execute statement 'select current_user, gen_id(g, -9871234598765) from rdb$database'
on external 'localhost:' || rdb$get_context('SYSTEM', 'DB_NAME')
as user 'maverick' password '123'
into who_am_i, what_i_have_done_with_gen;
suspend;
end
^

Statement failed, SQLSTATE = 42000
Execute statement error at isc_dsql_prepare :
335544352 : no permission for USAGE access to GENERATOR G
Statement : select current_user, gen_id(g, -9871234598765) from rdb$database
Data source : Firebird::localhost:C:\MIX\FIREBIRD\QA\FBT-REPO\TMP\E30A1.FDB
After line 19 in file gen_id_hole.sql
set term ;^
commit;

show sequ;
Generator G, current value is 0

2. On WI-T3.0.0.31374 Firebird 3.0 Beta 1:

show sequ;
Generator G, current value: 0, initial value: 0, increment: 1

set term ^;
execute block returns(who_am_i varchar(31), what_i_have_done_with_gen bigint) as
declare n bigint;
begin
execute statement 'select current_user, gen_id(g, -9871234598765) from rdb$database'
on external 'localhost:' || rdb$get_context('SYSTEM', 'DB_NAME')
as user 'maverick' password '123'
into who_am_i, what_i_have_done_with_gen;
suspend;
end
^

WHO_AM_I MAVERICK
WHAT_I_HAVE_DONE_WITH_GEN -9871234598765

set term ;^
commit;

show sequ;
Generator G, current value: -9871234598765, initial value: 0, increment: 1

PS.
As for Alpha-2: this script will raise a strange exception on ES/EDS:

Statement failed, SQLSTATE = 42000
Execute statement error at attach :
335544344 : I/O error during "CreateFile (open)" operation for file "localhost:C:\MIX\FIREBIRD\QA\FBT-REPO\TMP\E30A2.FDB"
335544734 : Error while trying to open file
123 : <syntax error in the name of file, directory or volume> // localized message, e.g. in cyrillic
Data source : Firebird::localhost:C:\MIX\FIREBIRD\QA\FBT-REPO\TMP\E30A2.FDB

If the execute block + ES/EDS is replaced with this:

show sequ;
commit;

connect 'localhost/3299:C:\MIX\FIREBIRD\QA\FBT-REPO\TMP\e30a2.fdb' user 'maverick' password '123';

select current_user as who_am_i, gen_id(g, -9871234598765) as what_i_have_done_with_gen from rdb$database;
commit;

show sequ;

-- output in WI-T3.0.0.30809 Firebird 3.0 Alpha 2 will be:

show sequ;
Generator G, current value is 0
commit;

connect 'localhost/3299:C:\MIX\FIREBIRD\QA\FBT-REPO\TMP\e30a2.fdb' user 'maverick' password '123';

select current_user as who_am_i, gen_id(g, -9871234598765) as what_i_have_done_with_gen from rdb$database;
Statement failed, SQLSTATE = 28000
no permission for USAGE access to GENERATOR G
After line 20 in file gen_id_hole-a2.sql
commit;

show sequ;
Statement failed, SQLSTATE = 28000
no permission for USAGE access to GENERATOR G
After line 23 in file gen_id_hole-a2.sql
There are no generators in this database

Commits: f58768a FirebirdSQL/fbt-repository@8fb61f5
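The report above shows an unprivileged user reading and advancing a generator after every privilege was revoked. The isql script below is an added example, not part of the original report or the Firebird project's own test; it is the check a DBA would run on a Firebird 3 database after the fix to confirm that USAGE on a sequence is held only by the intended grantees. It assumes RDB$OBJECT_TYPE = 14 identifies generators and RDB$PRIVILEGE = 'G' encodes USAGE in RDB$USER_PRIVILEGES, and reuses the sequence and user names (G, MAVERICK) from the report.

```sql
-- Added example (not from the original issue): audit and tighten USAGE
-- privileges on sequences in a Firebird 3 database.
-- Assumptions: RDB$OBJECT_TYPE = 14 is the generator/sequence object type,
-- RDB$PRIVILEGE = 'G' is the USAGE privilege, RDB$USER_TYPE 8 = user, 13 = role.
-- Sequence G and user MAVERICK are the names used in the report above.

set list on;

-- 1. Who currently holds USAGE on any sequence? After the report's
--    "revoke all on all" from MAVERICK and from PUBLIC this must list
--    neither of them; any row that still appears is a grant to investigate.
select
    p.rdb$relation_name as sequence_name,
    p.rdb$user          as grantee,
    p.rdb$user_type     as grantee_type,   -- 8 = user, 13 = role (assumption)
    p.rdb$grantor       as grantor
from rdb$user_privileges p
where p.rdb$object_type = 14               -- generator / sequence (assumption)
  and p.rdb$privilege   = 'G'              -- USAGE (assumption)
order by 1, 2;

-- 2. Grant explicitly and narrowly: only the principal that needs to
--    advance the sequence, never PUBLIC.
grant usage on sequence g to user maverick;
commit;

-- 3. Re-run the check for the one grant just made; exactly one row expected.
select count(*) as maverick_usage_grants
from rdb$user_privileges p
where p.rdb$object_type   = 14
  and p.rdb$relation_name = 'G'
  and p.rdb$user          = 'MAVERICK'
  and p.rdb$privilege     = 'G';

-- 4. Negative check from the user's own connection: without the grant from
--    step 2 this statement must fail with "no permission for USAGE access
--    to GENERATOR G", as in the Alpha 1 output above; success means the
--    regression is present (or the database predates the fix and needs to
--    be recreated, as noted in the resolution).
-- connect 'localhost:<DATABASE_PATH_PLACEHOLDER>' user 'maverick' password '123';
-- select gen_id(g, 0) as current_value from rdb$database;
```

Step 1 doubles as a detection query: scheduling it against production databases surfaces sequences that PUBLIC or unexpected roles can still advance, which is the condition the report describes.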

firebird-issue-importer commented May 20, 2015

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

firebird-issue-importer commented May 31, 2015

Modified by: @dyemanov

Link: This issue is related to CORE2553 [ CORE2553 ]

firebird-issue-importer commented May 31, 2015

Modified by: @dyemanov

assignee: Alexander Peshkov [ alexpeshkoff ] => Dmitry Yemanov [ dimitr ]

firebird-issue-importer commented May 31, 2015

Modified by: @dyemanov

summary: Regression: gen_id( <non_granted_gen>, <any_increment> ) is allowed to user who has not permission to change (and even see) value of sequence => Regression: generators can be seen/modified by unprivileged users

firebird-issue-importer commented May 31, 2015

Commented by: @dyemanov

Fix requires databases to be recreated.

firebird-issue-importer commented May 31, 2015

Modified by: @dyemanov

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 3.0 Beta 2 [ 10586 ]

firebird-issue-importer commented Jun 1, 2015

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Resolved [ 5 ]

QA Status: Done successfully

firebird-issue-importer commented Jun 1, 2015

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Closed [ 6 ]
