User Grant does not validate databases
Bug #1257021 reported by
Dan Nguyen
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack DBaaS (Trove) |
Fix Released
|
Medium
|
Sushil Kumar |
Bug Description
There was a bug reported on our end where a MySQL user was able to change an admin's password.
The recommended fix is to validate databases on grant.
Changed in trove: | |
milestone: | none → icehouse-2 |
status: | Fix Committed → Fix Released |
Changed in trove: | |
milestone: | icehouse-2 → icehouse-3 |
Changed in trove: | |
status: | Fix Released → In Progress |
Changed in trove: | |
importance: | Undecided → Medium |
Changed in trove: | |
status: | Fix Committed → Fix Released |
Changed in trove: | |
milestone: | icehouse-3 → 2014.1 |
To post a comment you must log in.
trove/guestagen t/datastore/ mysql/service. py
def create_user(self, users):
specified databases""" get_engine( )) as client:
user = models.MySQLUser()
user. deserialize( item) :Should users be allowed to create users Grant(user= user.name, host=user.host,
clear= user.password)
client. execute( t)
mydb = models. ValidatedMySQLD atabase( )
mydb. deserialize( database)
g = sql_query. Grant(permissio ns='ALL' , database=mydb.name,
user= user.name, host=user.host,
clear= user.password)
t = text(str(g))
client. execute( t)
"""Create users and grant them privileges for the
with LocalSqlClient(
for item in users:
# TODO(cp16net)
# 'os_admin' or 'debian-sys-maint'
g = sql_query.
t = text(str(g))
for database in user.databases: