Hi all,
Following queries are used to assess whether the logged in user has super, create user and grant privileges respectively. See [1]
SELECT 1 FROM mysql.user LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE PRIVILEGE_TYPE = 'CREATE USER' LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE IS_GRANTABLE = 'YES' LIMIT 1
However, if I create a user with all global privileges except for 'GRANT', 'SUPER', and 'CREATE USER' privileges, all the above queries return 1 since the queries do not check for the grantee column. Rows corresponding to the root user make all these queries return 1.
This obviously looks like a bug to me. I'm writing to make sure that I'm not missing out on something obvious.
[1] https://github.com/phpmyadmin/phpmyadmin/blob/master/libraries/DatabaseInter...
Madhura Jayaratne wrote:
Hi all,
Following queries are used to assess whether the logged in user has super, create user and grant privileges respectively. See [1]
SELECT 1 FROM mysql.user LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE PRIVILEGE_TYPE = 'CREATE USER' LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE IS_GRANTABLE = 'YES' LIMIT 1
However, if I create a user with all global privileges except for 'GRANT', 'SUPER', and 'CREATE USER' privileges, all the above queries return 1 since the queries do not check for the grantee column. Rows corresponding to the root user make all these queries return 1.
This obviously looks like a bug to me. I'm writing to make sure that I'm not missing out on something obvious.
[1] https://github.com/phpmyadmin/phpmyadmin/blob/master/libraries/DatabaseInter...
Yes, this looks like a bug.
Hi all,
On Tue, Oct 14, 2014 at 2:04 PM, Madhura Jayaratne madhura.cj@gmail.com wrote:
Hi all,
Following queries are used to assess whether the logged in user has super, create user and grant privileges respectively. See [1]
SELECT 1 FROM mysql.user LIMIT 1
This is used to see if user is phpMyAdmin superuser and for phpMyAdmin, the super user is the user having read access to `mysql.user`.
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE PRIVILEGE_TYPE = 'CREATE USER' LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE IS_GRANTABLE = 'YES' LIMIT 1
However, if I create a user with all global privileges except for 'GRANT', 'SUPER', and 'CREATE USER' privileges, all the above queries return 1 since the queries do not check for the grantee column. Rows corresponding to the root user make all these queries return 1.
Similarly, USER_PRIVILEGES tells about the global privileges of the currently logged-in user. Even if the user does not have the global GRANT privilege, he can still grant privileges to a user (those privileges which he has), so he is kind of a GRANT user for phpMyAdmin.
I don't know why, but I created a user similar to the one you created, and that new user can still create more users.
This obviously looks like a bug to me. I'm writing to make sure that I'm not missing out on something obvious.
Correct me if I am wrong anywhere. I am doing some more research on it.
[1] https://github.com/phpmyadmin/phpmyadmin/blob/master/libraries/DatabaseInter...
-- Thanks and Regards,
Madhura Jayaratne
Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho _______________________________________________ Phpmyadmin-devel mailing list Phpmyadmin-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
On Tue, Oct 14, 2014 at 6:10 PM, Chirayu Chiripal < chirayu.chiripal@gmail.com> wrote:
Hi all,
On Tue, Oct 14, 2014 at 2:04 PM, Madhura Jayaratne madhura.cj@gmail.com wrote:
Hi all,
Following queries are used to assess whether the logged in user has super, create user and grant privileges respectively. See [1]
SELECT 1 FROM mysql.user LIMIT 1
This is used to see if user is phpMyAdmin superuser and for phpMyAdmin, the super user is the user having read access to `mysql.user`.
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE PRIVILEGE_TYPE = 'CREATE USER' LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE IS_GRANTABLE = 'YES' LIMIT 1
However, if I create a user with all global privileges except for 'GRANT', 'SUPER', and 'CREATE USER' privileges, all the above queries return 1 since the queries do not check for the grantee column. Rows corresponding to the root user make all these queries return 1.
Similarly, USER_PRIVILEGES tells about the global privileges of the currently logged-in user. Even if the user does not have the global GRANT privilege, he can still grant privileges to a user (those privileges which he has), so he is kind of a GRANT user for phpMyAdmin.
I don't know why, but I created a user similar to the one you created, and that new user can still create more users.
I just saw my previous research (for some RFE in which this task was done). Actually, the user needs either the global CREATE_USER or INSERT privileges on the mysql table (so he can still create a user w/o having global create user). So each of the queries looks fine to me.
Also, if I am not wrong, GRANTEE is the user from which he got those particular privileges and is not the current user itself.
This obviously looks like a bug to me. I'm writing to make sure that I'm not missing out on something obvious.
Correct me if I am wrong anywhere. I am doing some more research on it.
[1] https://github.com/phpmyadmin/phpmyadmin/blob/master/libraries/DatabaseInter...
-- Thanks and Regards,
Madhura Jayaratne
-- Regards, Chirayu Chiripal https://chirayuchiripal.wordpress.com/
On Tue, Oct 14, 2014 at 6:27 PM, Chirayu Chiripal < chirayu.chiripal@gmail.com> wrote:
On Tue, Oct 14, 2014 at 6:10 PM, Chirayu Chiripal < chirayu.chiripal@gmail.com> wrote:
Hi all,
On Tue, Oct 14, 2014 at 2:04 PM, Madhura Jayaratne madhura.cj@gmail.com wrote:
Hi all,
Following queries are used to assess whether the logged in user has super, create user and grant privileges respectively. See [1]
SELECT 1 FROM mysql.user LIMIT 1
This is used to see if user is phpMyAdmin superuser and for phpMyAdmin, the super user is the user having read access to `mysql.user`.
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE PRIVILEGE_TYPE = 'CREATE USER' LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE IS_GRANTABLE = 'YES' LIMIT 1
However, if I create a user with all global privileges except for 'GRANT', 'SUPER', and 'CREATE USER' privileges, all the above queries return 1 since the queries do not check for the grantee column. Rows corresponding to the root user make all these queries return 1.
Similarly, USER_PRIVILEGES tells about the global privileges of the currently logged-in user. Even if the user does not have the global GRANT privilege, he can still grant privileges to a user (those privileges which he has), so he is kind of a GRANT user for phpMyAdmin.
I don't know why, but I created a user similar to the one you created, and that new user can still create more users.
I just saw my previous research (for some RFE in which this task was done). Actually, the user needs either the global CREATE_USER or INSERT privileges on the mysql table (so he can still create a user w/o having global create user).
Thanks. This seems to be true. If I remove the INSERT global privilege from the user, he can no longer create a new user (he was already lacking CREATE_USER privileges).
So each of the queries looks fine to me.
I'm not too sure. The issue is these queries lacking a WHERE GRANTEE = <current user> clause.
Also, if I am not wrong, GRANTEE is the user from which he got those particular privileges and is not the current user itself.
If this is true, a freshly created user would not have an entry in the USER_PRIVILEGES table (since the new user has not granted anything), but this is not the case.
On Tue, Oct 14, 2014 at 7:33 PM, Madhura Jayaratne madhura.cj@gmail.com wrote:
On Tue, Oct 14, 2014 at 6:27 PM, Chirayu Chiripal < chirayu.chiripal@gmail.com> wrote:
On Tue, Oct 14, 2014 at 6:10 PM, Chirayu Chiripal < chirayu.chiripal@gmail.com> wrote:
Hi all,
On Tue, Oct 14, 2014 at 2:04 PM, Madhura Jayaratne <madhura.cj@gmail.com> wrote:
Hi all,
Following queries are used to assess whether the logged in user has super, create user and grant privileges respectively. See [1]
SELECT 1 FROM mysql.user LIMIT 1
This is used to see if user is phpMyAdmin superuser and for phpMyAdmin, the super user is the user having read access to `mysql.user`.
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE PRIVILEGE_TYPE = 'CREATE USER' LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE IS_GRANTABLE = 'YES' LIMIT 1
However, if I create a user with all global privileges except for 'GRANT', 'SUPER', and 'CREATE USER' privileges, all the above queries return 1 since the queries do not check for the grantee column. Rows corresponding to the root user make all these queries return 1.
Similarly, USER_PRIVILEGES tells about the global privileges of the currently logged-in user. Even if the user does not have the global GRANT privilege, he can still grant privileges to a user (those privileges which he has), so he is kind of a GRANT user for phpMyAdmin.
I don't know why, but I created a user similar to the one you created, and that new user can still create more users.
I just saw my previous research (for some RFE in which this task was done). Actually, the user needs either the global CREATE_USER or INSERT privileges on the mysql table (so he can still create a user w/o having global create user).
Thanks. This seems to be true. If I remove the INSERT global privilege from the user, he can no longer create a new user (he was already lacking CREATE_USER privileges).
So each of the queries looks fine to me.
I'm not too sure. The issue is these queries lacking a WHERE GRANTEE = <current user> clause.
Yeah, sorry. My bad. But in that case, we need to check for SCHEMA_PRIVILEGES as well now (at least for CREATE USER privileges).
Also, if I am not wrong, GRANTEE is the user from which he got those particular privileges and is not the current user itself.
If this is true, a freshly created user would not have an entry in the USER_PRIVILEGES table (since the new user has not granted anything), but this is not the case.
-- Thanks and Regards,
Madhura Jayaratne
On Tue, Oct 14, 2014 at 6:10 PM, Chirayu Chiripal < chirayu.chiripal@gmail.com> wrote:
Hi all,
On Tue, Oct 14, 2014 at 2:04 PM, Madhura Jayaratne madhura.cj@gmail.com wrote:
Hi all,
Following queries are used to assess whether the logged in user has super, create user and grant privileges respectively. See [1]
SELECT 1 FROM mysql.user LIMIT 1
This is used to see if user is phpMyAdmin superuser and for phpMyAdmin, the super user is the user having read access to `mysql.user`.
Yes, the super user has been defined in a lighter sense inside phpMyAdmin and seems to differ from the SUPER global privilege of MySQL. So I guess this is fine.
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE PRIVILEGE_TYPE = 'CREATE USER' LIMIT 1
SELECT 1 FROM INFORMATION_SCHEMA.USER_PRIVILEGES WHERE IS_GRANTABLE = 'YES' LIMIT 1
However, if I create a user with all global privileges except for 'GRANT', 'SUPER', and 'CREATE USER' privileges, all the above queries return 1 since the queries do not check for the grantee column. Rows corresponding to the root user make all these queries return 1.
Similarly, USER_PRIVILEGES tells about the global privileges of the currently logged-in user. Even if the user does not have the global GRANT privilege, he can still grant privileges to a user (those privileges which he has), so he is kind of a GRANT user for phpMyAdmin.
I can not seem to do this. My user has SELECT global privilege but fails to grant the same to another user. I get
#1045 - Access denied for user 'aaaa'@'localhost' (using password: NO)
I don't know why, but I created a user similar to the one you created, and that new user can still create more users.
I can do this.
This obviously looks like a bug to me. I'm writing to make sure that I'm not missing out on something obvious.
Correct me if I am wrong anywhere. I am doing some more research on it.
Thanks.
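The effect of the missing grantee filter on the two USER_PRIVILEGES checks discussed in this thread, as an added example that is not part of any message and is not phpMyAdmin code. SQLite stands in for MySQL, the rows are constructed, the function names are hypothetical, and the `'user'@'host'` GRANTEE format follows what MySQL stores in that column.

```python
import sqlite3

# Constructed rows: what USER_PRIVILEGES could look like to an account that
# can see root's rows as well as its own (the situation reported in the thread).
ROWS = [
    ("'root'@'localhost'", "SELECT", "YES"),
    ("'root'@'localhost'", "CREATE USER", "YES"),
    ("'root'@'localhost'", "SUPER", "YES"),
    ("'aaaa'@'localhost'", "SELECT", "NO"),
    ("'aaaa'@'localhost'", "INSERT", "NO"),
]

# WHERE conditions of the two checks quoted in the thread.
CHECKS = {
    "create_user": "PRIVILEGE_TYPE = 'CREATE USER'",
    "grant": "IS_GRANTABLE = 'YES'",
}

TABLE = "INFORMATION_SCHEMA.USER_PRIVILEGES"


def make_db():
    """In-memory stand-in so the thread's queries run with their real table name."""
    db = sqlite3.connect(":memory:")
    db.execute("ATTACH DATABASE ':memory:' AS INFORMATION_SCHEMA")
    db.execute(f"CREATE TABLE {TABLE} (GRANTEE TEXT, PRIVILEGE_TYPE TEXT, IS_GRANTABLE TEXT)")
    db.executemany(f"INSERT INTO {TABLE} VALUES (?, ?, ?)", ROWS)
    return db


def unscoped(db, check):
    """The check as quoted: any grantee's row satisfies it."""
    sql = f"SELECT 1 FROM {TABLE} WHERE {CHECKS[check]} LIMIT 1"
    return db.execute(sql).fetchone() is not None


def scoped(db, check, grantee):
    """Same check restricted to the logged-in account's own rows."""
    sql = f"SELECT 1 FROM {TABLE} WHERE {CHECKS[check]} AND GRANTEE = ? LIMIT 1"
    return db.execute(sql, (grantee,)).fetchone() is not None


def compare(grantee):
    """Return {check: (unscoped_result, scoped_result)} for one account."""
    db = make_db()
    return {name: (unscoped(db, name), scoped(db, name, grantee)) for name in CHECKS}


if __name__ == "__main__":
    for who in ("'root'@'localhost'", "'aaaa'@'localhost'"):
        print(who, compare(who))
```

For the limited account both unscoped checks report the privilege because root's rows match, while the scoped checks do not.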