Closed
Description
Bug Report
Thanks for the active developments! I'm testing the permission behaviors of TiDB database for production use and found the issue that users can also get the names of tables that are not allowed. Please let me know if it's the expected result or not.
1. Minimal reproduce step (Required)
# 1. prepare
# mysql -h 127.0.0.1 -u root -P 4000
MySQL [(none)]> CREATE DATABASE secret;
MySQL [(none)]> CREATE TABLE `secret`.`secret_table` (id int);
MySQL [(none)]> CREATE USER test_user IDENTIFIED BY 'pass'; -- *doesn't have the privilege to access `secret`.`secret_table`*
# 2. check whether the user can get the name of the unpermitted table or not
# mysql -h 127.0.0.1 -u test_user -P 4000 -ppass
# The table must be invisible to the user. The following result is OK.
MySQL [(none)]> SELECT * FROM `INFORMATION_SCHEMA`.`TABLES` WHERE TABLE_SCHEMA = 'secret';
Empty set (0.09 sec)
# But, the user can see the table name using `INFORMATION_SCHEMA`.`TIKV_REGION_STATUS`.
MySQL [(none)]> SELECT * FROM `INFORMATION_SCHEMA`.`TIKV_REGION_STATUS` WHERE DB_NAME = 'secret';
+-----------+--------------------------------------+---------+----------+---------+--------------+----------+----------+------------+----------------+---------------+---------------+------------+------------------+------------------+-------------------------+---------------------------+
| REGION_ID | START_KEY | END_KEY | TABLE_ID | DB_NAME | TABLE_NAME | IS_INDEX | INDEX_ID | INDEX_NAME | EPOCH_CONF_VER | EPOCH_VERSION | WRITTEN_BYTES | READ_BYTES | APPROXIMATE_SIZE | APPROXIMATE_KEYS | REPLICATIONSTATUS_STATE | REPLICATIONSTATUS_STATEID |
+-----------+--------------------------------------+---------+----------+---------+--------------+----------+----------+------------+----------------+---------------+---------------+------------+------------------+------------------+-------------------------+---------------------------+
| 15001 | 748000000000000EFFA900000000000000F8 | | 3753 | secret | secret_table | 0 | NULL | NULL | 5 | 1587 | 0 | 0 | 1 | 0 | NULL | NULL |
+-----------+--------------------------------------+---------+----------+---------+--------------+----------+----------+------------+----------------+---------------+---------------+------------+------------------+------------------+-------------------------+---------------------------+
1 row in set (0.05 sec)
2. What did you expect to see? (Required)
My expectation was it returns the empty set.
MySQL [(none)]> SELECT * FROM `INFORMATION_SCHEMA`.`TIKV_REGION_STATUS` WHERE DB_NAME = 'secret';
Empty set (0.09 sec)
I expected that TiDB adapts MySQL's following behavior even if the user accesses the tables in INFORMATION_SCHEMA which are only supported in TiDB.
For most INFORMATION_SCHEMA tables, each MySQL user has the right to access them, but can see only the rows in the tables that correspond to objects for which the user has the proper access privileges.
Since I didn't check other tables in INFORMATION_SCHEMA yet, there might be same issues.
3. What did you see instead (Required)
MySQL [(none)]> SELECT * FROM `INFORMATION_SCHEMA`.`TIKV_REGION_STATUS` WHERE DB_NAME = 'secret';
+-----------+--------------------------------------+---------+----------+---------+--------------+----------+----------+------------+----------------+---------------+---------------+------------+------------------+------------------+-------------------------+---------------------------+
| REGION_ID | START_KEY | END_KEY | TABLE_ID | DB_NAME | TABLE_NAME | IS_INDEX | INDEX_ID | INDEX_NAME | EPOCH_CONF_VER | EPOCH_VERSION | WRITTEN_BYTES | READ_BYTES | APPROXIMATE_SIZE | APPROXIMATE_KEYS | REPLICATIONSTATUS_STATE | REPLICATIONSTATUS_STATEID |
+-----------+--------------------------------------+---------+----------+---------+--------------+----------+----------+------------+----------------+---------------+---------------+------------+------------------+------------------+-------------------------+---------------------------+
| 15001 | 748000000000000EFFA900000000000000F8 | | 3753 | secret | secret_table | 0 | NULL | NULL | 5 | 1587 | 0 | 0 | 1 | 0 | NULL | NULL |
+-----------+--------------------------------------+---------+----------+---------+--------------+----------+----------+------------+----------------+---------------+---------------+------------+------------------+------------------+-------------------------+---------------------------+
1 row in set (0.05 sec)
4. What is your TiDB version? (Required)
MySQL [(none)]> SELECT tidb_version();
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| tidb_version() |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Release Version: v6.1.1
Edition: Community
Git Commit Hash: 5263a0abda61f102122735049fd0dfadc7b7f8b2
Git Branch: heads/refs/tags/v6.1.1
UTC Build Time: 2022-08-25 10:42:41
GoVersion: go1.18.5
Race Enabled: false
TiKV Min Version: v3.0.0-60965b006877ca7234adaced7890d7b029ed1306
Check Table Before Drop: false |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.01 sec)
Activity