Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

User cannot insert into own local temporary table #6628

Closed
monetdb-team opened this issue Nov 30, 2020 · 0 comments
Closed

User cannot insert into own local temporary table #6628

monetdb-team opened this issue Nov 30, 2020 · 0 comments

Comments

@monetdb-team
Copy link

@monetdb-team monetdb-team commented Nov 30, 2020

Date: 2018-07-19 11:23:35 +0200
From: @swingbit
To: SQL devs <>
Version: 11.29.7 (Mar2018-SP1)
CC: @njnes

Last updated: 2018-08-31 13:23:26 +0200

Comment 26557

Date: 2018-07-19 11:23:35 +0200
From: @swingbit

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
Build Identifier:

I admit I always had a hard time with SQL roles and permissions, so perhaps it's just me doing something wrong.

If I create a user (with admin privileges), and the user operates in its own schema:

CREATE USER "spinque" WITH UNENCRYPTED PASSWORD '123456789' NAME 'Spinque user' SCHEMA "sys";
CREATE ROLE "spinque" WITH ADMIN CURRENT_USER;
GRANT "spinque" TO "spinque" WITH ADMIN OPTION;
CREATE SCHEMA "spinque" AUTHORIZATION "spinque";
ALTER USER "spinque" SET SCHEMA "spinque";

Then login as this user, this happens:

sql>start transaction;
auto commit mode: off
sql>create local temporary table test(i int);
operation successful
sql>insert into test values (2);
INSERT INTO: insufficient privileges for user 'spinque' to insert into table 'test'

The user can create the table in schema 'tmp', but not write into it.

My understanding was that regardless of roles and privileges explicitly assigned, users always has full rights on the tables that they create. This doesn't seem to be true for tables created in a different schema.

Reproducible: Always

$ mserver5 --version
MonetDB 5 server v11.29.8 (64-bit, 128-bit integers)
This is an unreleased version
Copyright (c) 1993 - July 2008 CWI
Copyright (c) August 2008 - 2018 MonetDB B.V., all rights reserved
Visit https://www.monetdb.org/ for further information
Found 15.5GiB available memory, 8 available cpu cores
Libraries:
libpcre: 8.42 2018-03-20 (compiled with 8.42)
openssl: OpenSSL 1.1.0h 27 Mar 2018 (compiled with OpenSSL 1.1.0h-fips 27 Mar 2018)
libxml2: 2.9.7 (compiled with 2.9.7)
Compiled by: roberto@photon.hq.spinque.com (x86_64-pc-linux-gnu)
Compilation: gcc -O3 -fomit-frame-pointer -pipe -D_FORTIFY_SOURCE=2
Linking : /usr/bin/ld -m elf_x86_64 -Wl,-Bsymbolic-functions

Comment 26574

Date: 2018-07-27 10:18:48 +0200
From: MonetDB Mercurial Repository <>

Changeset c65a60e3b9cb made by Niels Nes niels@cwi.nl in the MonetDB repo, refers to this bug.

For complete details, see https//devmonetdborg/hg/MonetDB?cmd=changeset;node=c65a60e3b9cb

Changeset description:

fix for bug #6628 (users are allowed to access there temporary tables)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant