[
https://issues.apache.org/jira/browse/DERBY-4191?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Knut Anders Hatlen updated DERBY-4191:
--------------------------------------
Attachment: repro.sql
Attached is a repro script showing that count(x) is disallowed and count(*) is
allowed for a non-privileged user.
$ java -Dderby.database.sqlAuthorization=true -jar lib/derbyrun.jar ij repro.sql
ij version 10.5
ij> connect 'jdbc:derby:db;user=root;create=true';
WARNING 01J14: SQL authorization is being used without first enabling
authentication.
ij> create table t (x int);
0 rows inserted/updated/deleted
ij> insert into t values 1,2,3;
3 rows inserted/updated/deleted
ij> connect 'jdbc:derby:db;user=kah';
WARNING 01J14: SQL authorization is being used without first enabling
authentication.
ij(CONNECTION1)> select count(x) from root.t;
ERROR 42502: User 'KAH' does not have SELECT permission on column 'X' of table
'ROOT'.'T'.
ij(CONNECTION1)> select count(*) from root.t;
1
-----------
3
1 row selected
ij(CONNECTION1)>
> Lack of SELECT privilege does not prevent SELECT COUNT(*)
> ---------------------------------------------------------
>
> Key: DERBY-4191
> URL: https://issues.apache.org/jira/browse/DERBY-4191
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.2.0, 10.5.1.1
> Reporter: Knut Anders Hatlen
> Attachments: repro.sql
>
>
> A user that does not have SELECT privilege on a table can still perform a
> SELECT COUNT(*) on that table. Counting a specific column (e.g., SELECT
> COUNT(X)) is prevented.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
