Skip to content

Problems with access to RDB$CONFIG table for non-privileged user when he has grant on execution of SP which has necessary access rights (created by SYSDBA with SQL DEFINER clause) #6998

New issue
New issue
Closed
Closed
Problems with access to RDB$CONFIG table for non-privileged user when he has grant on execution of SP which has necessary access rights (created by SYSDBA with SQL DEFINER clause)#6998
Assignees
romansimakov
Labels
affect-version: 4.0.0affect-version: 5.0 Initialfix-version: 4.0.1fix-version: 5.0 Beta 1qa: done successfullytype: bug
@pavel-zotov

Description

@pavel-zotov
pavel-zotov
opened on Oct 8, 2021

Ticket has been created after discussion with Roman Simakov.

RDB$CONFIG data remains inaccessible for common user which is granted to execute procedure created with 'SQL DEFINER' clause by SYSDBA.

Consider following script:

set bail on;
set list on;
set wng off;
set echo on;

shell if exist c:\temp\tmp4test.fdb del c:\temp\tmp4test.fdb;
create database 'localhost:c:\temp\tmp4test.fdb' user sysdba password 'masterkey';

create or alter user dba_helper password '123' using plugin Srp revoke admin role;
commit;

revoke all on all from dba_helper;
commit;

recreate table test(id int, text varchar(100));
commit;

insert into test values(1, 'Data from usual table.');
commit;


set term ^;
create or alter procedure sp_get_test_table_data(a_id int)
    returns (text type of column test.text)
    sql security definer
as
begin
    for
        select t.text
        from rdb$database r
        left join test t on t.id = :a_id
    into
        text
    do
        suspend;
end
^

create or alter procedure sp_get_fb_conf_value(a_param type of column rdb$config.rdb$config_name)
    returns (text type of column rdb$config.rdb$config_value)
    sql security definer
as
begin
    for
        select rdb$config_value
        from rdb$database
        left join rdb$config on upper(rdb$config_name) = upper( :a_param )
    into
        text
    do
        suspend;
end
^
set term ;^
commit;

grant execute on procedure sp_get_fb_conf_value to user public;
grant execute on procedure sp_get_test_table_data to public;
commit;

connect 'localhost:c:\temp\tmp4test.fdb' user 'dba_helper' password '123';
select mon$user from mon$attachments where mon$attachment_id = current_connection;
show grants;


select  current_user, p.text as test_table_value from sp_get_test_table_data(1) p;
select  current_user, coalesce(p.text, 'You can NOT see this data.') as rdb_config_value from sp_get_fb_conf_value('ServerMode') p;

commit;
connect 'localhost:c:\temp\tmp4test.fdb' user 'sysdba' password 'masterkey';

select  current_user, p.text from sp_get_fb_conf_value('ServerMode') p;

drop user dba_helper;
drop database;
exit;

Its output will be:

/* Grant permissions for this database */
GRANT EXECUTE ON PROCEDURE SP_GET_FB_CONF_VALUE TO PUBLIC
GRANT EXECUTE ON PROCEDURE SP_GET_TEST_TABLE_DATA TO PUBLIC

USER                            DBA_HELPER
TEST_TABLE_VALUE                Data from usual table.

USER                            DBA_HELPER
RDB_CONFIG_VALUE                You can NOT see this data.

Expected output:

USER                            DBA_HELPER
RDB_CONFIG_VALUE                Super

(where 'Super' is actual value of ServerMode parameter).

Metadata

Metadata

Assignees

Labels

affect-version: 4.0.0affect-version: 5.0 Initialfix-version: 4.0.1fix-version: 5.0 Beta 1qa: done successfullytype: bug

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions