I just upgraded to mysql 5.0.18 and started using all those cool new
features. :)
But concerning VIEWs, I think the information_schema is too verbose to
the user. I started creating a VIEW that searches information from
several tables, mangles the data and gives the user a clean table with
his data. So far, so good.
But I only give the user access to this VIEW, so he cannot see what's
done to get his data from several tables.
SHOW CREATE VIEW myview;
does (correctly) result in an error that the user is not allowed to see
the CREATE VIEW.
But SELECT * FROM information_schema.views; returns the full query that
ceates the desired VIEW.
I think of this as a security issue because I have user accounts (nss)
that have publicly available credentials but noone should be able to
see how the database really is organized.
What do you think of this? Bug?
cu, Bernd
--
Windows Error 019: User error. It's not our fault. Is not! Is not!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
I just upgraded to mysql 5.0.18 and started using all those cool new
features. :)
But concerning VIEWs, I think the information_schema is too verbose to
the user. I started creating a VIEW that searches information from
several tables, mangles the data and gives the user a clean table with
his data. So far, so good.
But I only give the user access to this VIEW, so he cannot see what's
done to get his data from several tables.
SHOW CREATE VIEW myview;
does (correctly) result in an error that the user is not allowed to see
the CREATE VIEW.
But SELECT * FROM information_schema.views; returns the full query that
ceates the desired VIEW.
I think of this as a security issue because I have user accounts (nss)
that have publicly available credentials but noone should be able to
see how the database really is organized.
What do you think of this? Bug?
cu, Bernd
--
Windows Error 019: User error. It's not our fault. Is not! Is not!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQIVAwUAQ9DR7w0b18vi86Q/AQJG7w//aszB8jx7a/upqgnUWmRugZWWzxaYRnAB
m4SSCyslZUbimLgvkhzwMr2g+Ox55n7bTD7vJ6PDCiIVq3pjNP7Qt87Dq4Yy3LF8
lvsEwaPUsIpTqnWqnB4t53ONEIEClBcehpWZVamAOKETAuM4gxPiivckAc9BUppc
jFqsCEpYuOyT83ZLL5vmp24Y4xigH5N883NrQ1WSgTHh9Ahp5CCJqKx7prYajA4k
iKDCD+GJ/oEvPhnUEjAHL57X1KMQbd3p25AKWam8+F68xKMBPgtJKG/ALZUZYMEx
A8JZfgplA/1m84SWE7Smb0TuWI4abqK6815ncSzVnI0oginKvSSTcA6XZ535YE7O
LlE+XyqL2rrth7UsdPKO5ZiGCJ9v424LRAKYkThQ3oH8YyS2PO3kmiOPcnuY81fp
odnnJjrirHYOvndPMALUAUoXnBwm+6yucrCbDpffEh/gNx4/wMIEMIjtYOl+jwSg
X1VGSuUW00iBToRvpMQCIbjiM/PJLUkMkOQA9wzJPt6FVQMFKdwu0Ee574GV2LaB
La/m5U37jwkcbzxjwTpcl/5TXvpBok1/9N4/uUHyah3JMW8HOlsgVv1WCLmO+/VA
NOnjz3ogY/1p4TEU3HDPyqOpkVgKRmlAyoPEXprTt1HbJvgrVwVEYtmanAtx6D4r
n3CBsmADou8=
=eDS1
-----END PGP SIGNATURE-----
[ reply ]