You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Rick Hillegas (JIRA)" <ji...@apache.org> on 2008/07/02 16:19:45 UTC
[jira] Commented: (DERBY-3736) Revoking a column level privilege
from a user, a prepared statement relying on that privilege can still be
executed
[ https://issues.apache.org/jira/browse/DERBY-3736?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12609930#action_12609930 ]
Rick Hillegas commented on DERBY-3736:
--------------------------------------
Thanks for the patch, Dag. It looks good. You might want to decorate your one line fix with the comment block which explains why INTERNAL_RECOMPILE_REQUEST is being requested:
// When revoking a privilege from a Table we need to
// invalidate all GPSs refering to it. But GPSs aren't
// Dependents of TablePermsDescr, but of the
// TableDescriptor itself, so we must send
// INTERNAL_RECOMPILE_REQUEST to the TableDescriptor's
// Dependents.
Thanks,
-Rick
> Revoking a column level privilege from a user, a prepared statement relying on that privilege can still be executed
> --------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-3736
> URL: https://issues.apache.org/jira/browse/DERBY-3736
> Project: Derby
> Issue Type: Bug
> Components: Security, SQL
> Affects Versions: 10.3.1.4, 10.3.2.1, 10.3.3.0, 10.4.1.3
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: column-level.sql, derby-3736.diff, derby-3736.stat, GrantRevokeDDLTest.diff, table-level.sql
>
>
> When a table level SELECT privilege is revoked, a dependent prepared statement is
> invalidated and can no longer be executed, but in the case of a column level privilege
> SELECT privilege, the dependent prepared statement can still be executed.
> This works as expected in 10.2, but does not work in all 10.3 and 10.4 releases.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.