File: rpl_priv_checks_user_suid_fails.test

package info (click to toggle)
mysql-8.0 8.0.43-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,273,924 kB
  • sloc: cpp: 4,684,605; ansic: 412,450; pascal: 108,398; java: 83,641; perl: 30,221; cs: 27,067; sql: 26,594; sh: 24,181; python: 21,816; yacc: 17,169; php: 11,522; xml: 7,388; javascript: 7,076; makefile: 2,194; lex: 1,075; awk: 670; asm: 520; objc: 183; ruby: 97; lisp: 86
file content (125 lines) | stat: -rw-r--r-- 3,963 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
# ==== Purpose ====
#
# This scripts verifies that when the replication applier has SET_USER_ID but no
# SYSTEM_USER privileges it fails to SUID to a system user.
#
# ==== Requirements ====
#
# R1. An account with no `SUPER` or `SYSTEM_USER` MUST NOT have the capability
#     of SUID to a `SYSTEM_USER` privileged account.
#
# ==== Implementation ====
#
# 1) Setup up slave to use an applier security context and grant privilege
#    `SET_USER_ID`.
# 2) On the master, create a user with privileges to create a procedure, named
#    'u2'@'localhost'.
# 3) On the slave, create a user with the same name - 'u2'@'localhost' - with no
#    system user privileges.
# 4) On the master, create a procedure using 'u2'@'localhost'.
# 5) Synchronize the slave with the master and expect success.
# 6) Ensure the procedure exists on the slave.
# 7) On the slave, grant `SYSTEM_USER` to 'u2'@'localhost'.
# 8) On the master, create another procedure using 'u2'@'localhost'.
# 9) Wait for slave to error out, without privileges.
#
# ==== References ====
#
# BUG#30032129 ADD TEST THAT ERRORS IF APPLIER USER TRIES TO `SUID` TO A SYSTEM
#              USER ACCOUNT
#
--source include/have_binlog_format_row.inc
--source include/skip_config_privilege_checks_user.inc

--let $applier_user = 'u1'@'localhost'
--let $system_user = 'u2'@'localhost'

#
# 1) Setup up slave to use an applier security context and grant privilege
#    `SET_USER_ID`.
#
--let $rpl_privilege_checks_user = *:$applier_user
# Since $rpl_privilege_checks_user is instantiated the replication applier has
# no privileges on the test database
--let $RPL_PRIV_DB = test
--let $rpl_privilege_checks_user_additional_grants = SET_USER_ID, CREATE ROUTINE, CREATE USER, ALTER ROUTINE
--source include/master-slave.inc

CALL mtr.add_suppression(".*Access denied. you need .at least one of. the SYSTEM_USER.*");
CALL mtr.add_suppression(".*The replica coordinator and worker threads are stopped.*");

#
# 2) On the master, create a user with privileges to create a procedure, named
#    'u2'@'localhost'.
#
SET sql_log_bin = 0;
--eval CREATE USER $system_user
--eval GRANT CREATE ROUTINE ON *.* TO $system_user
SET sql_log_bin = 1;

#
# 3) On the slave, create a user with the same name - 'u2'@'localhost' - with no
#    outstanding privileges.
#
--source include/rpl_connection_slave.inc
--eval CREATE USER $system_user

#
# 4) On the master, create a procedure using 'u2'@'localhost'.
#
--replace_result $MASTER_MYPORT MASTER_PORT
--connect(sys_user_conn, localhost, u2,, $RPL_PRIV_DB, $MASTER_MYPORT)
--connection sys_user_conn
--delimiter @
CREATE PROCEDURE simpleproc1 (OUT param1 INT)
BEGIN
  SELECT COUNT(*) INTO param1 FROM t;
END@
--delimiter ;
--source include/rpl_connection_master.inc

#
# 5) Synchronize the slave with the master and expect success.
#
--source include/sync_slave_sql_with_master.inc

#
# 6) Ensure the procedure exists on the slave.
#
--let $count = `SELECT COUNT(*) FROM information_schema.routines WHERE routine_name = "simpleproc1"`
--let $assert_text = Procedure simpleproc1 does exist
--let $assert_cond = $count = 1
--source include/assert.inc

#
# 7) On the slave, grant `SYSTEM_USER` to 'u2'@'localhost'.
#
--eval GRANT SYSTEM_USER ON *.* TO $system_user

#
# 8) On the master, create another procedure using 'u2'@'localhost'.
#
--connection sys_user_conn
--delimiter @
CREATE PROCEDURE simpleproc2 (OUT param1 INT)
BEGIN
  SELECT COUNT(*) INTO param1 FROM t;
END@
--delimiter ;
--disconnect sys_user_conn

#
# 9) Wait for slave to error out, without privileges.
#
--source include/rpl_connection_slave.inc
--let $slave_sql_errno = convert_error(ER_SPECIFIC_ACCESS_DENIED_ERROR)
--source include/wait_for_slave_sql_error.inc

# Clean up
--eval GRANT SYSTEM_USER ON *.* TO $applier_user
--source include/start_slave.inc
--source include/rpl_connection_master.inc
DROP PROCEDURE simpleproc1;
DROP PROCEDURE simpleproc2;
--eval DROP USER $system_user
--source include/rpl_end.inc