Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 8986 invoked from network); 19 Nov 2009 19:00:03 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 19 Nov 2009 19:00:03 -0000 Received: (qmail 20152 invoked by uid 500); 19 Nov 2009 19:00:02 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 20083 invoked by uid 500); 19 Nov 2009 19:00:02 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 20074 invoked by uid 99); 19 Nov 2009 19:00:02 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 19 Nov 2009 19:00:02 +0000 X-ASF-Spam-Status: No, hits=-10.5 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_HI X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 19 Nov 2009 19:00:00 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id C2FE8234C48D for ; Thu, 19 Nov 2009 10:59:39 -0800 (PST) Message-ID: <1242708522.1258657179797.JavaMail.jira@brutus> Date: Thu, 19 Nov 2009 18:59:39 +0000 (UTC) From: "Rick Hillegas (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Commented: (DERBY-4191) Lack of SELECT privilege does not prevent SELECT COUNT(*) In-Reply-To: <317785562.1240841430607.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DERBY-4191?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12780202#action_12780202 ] Rick Hillegas commented on DERBY-4191: -------------------------------------- Hi Mamta, Without seeing how the method is used it is hard to comment. However, I think you are trying to capture the sense of "The absolutely minimal set of permissions needed to SELECT from a table." That is my sense of what is meant by part 2, section 7.6 , access rule 1.ii.1.B. So a better name for your proposed method may be getMinimalSelectPermissionsList(). Another way to tackle this might be to invent a new kind of permission which can't be granted but which can be used internally: a MINIMAL_SELECT_PRIVILEGE for tables. This solution would look something like the following: o At bind time, you would add a MINIMAL_SELECT_PRIVILEGE( T ) to the list of required table privileges for every table T that is selected from. o For extra credit, this privilege could be removed from the list for any table which has other required SELECT privileges. That removal might happen during bind() or maybe during code generation. Alternatively, you could wait till execution time to short-circuit the check for this privilege. o At execution time, you would then do what I think you're planning on: If you see a MINIMAL_SELECT_PRIVILEGE required for a table, you would check whether the user/currentRole enjoys a table-wide SELECT privilege or SELECT privilege on at least one column. Thanks, -Rick > Lack of SELECT privilege does not prevent SELECT COUNT(*) > --------------------------------------------------------- > > Key: DERBY-4191 > URL: https://issues.apache.org/jira/browse/DERBY-4191 > Project: Derby > Issue Type: Bug > Components: SQL > Affects Versions: 10.4.2.0, 10.5.1.1 > Reporter: Knut Anders Hatlen > Attachments: repro.sql > > > A user that does not have SELECT privilege on a table can still perform a SELECT COUNT(*) on that table. Counting a specific column (e.g., SELECT COUNT(X)) is prevented. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.