Watch, Follow, &
Connect with Us
Public Report
Report From: InterBase/Server    [ Add a report in this area ]  
Report #:  124257   Status: Resolved
Global temporary tables allow only grant all
Project:  InterBase Build #:  XE3 UP 4
Version:    11.0 Submitted By:   Karol Bieniaszewski
Report Type:  Basic functionality failure Date Reported:  4/22/2014 11:54:29 PM
Severity:    Commonly encountered problem Last Updated: 3/17/2015 1:11:54 PM
Platform:    Not OS or platform specific Internal Tracking #:  
Resolution: As Designed (Resolution Comments) Resolved in Build: : None
Duplicate of:  None
Voting and Rating
Overall Rating: No Ratings Yet
0.00 out of 5
Total Votes: None
Description
Global temporary tables allow only grant all
We know that this is Interbase implementation limit - but please remove this limit.
This is against sql standard that table also global not suport specific grant like select, insert ..

This block some feature to be secured or Implemented at all

please add support for specific privilege restrictions
Steps to Reproduce:
CREATE GLOBAL TEMPORARY TABLE GT_TEST
(ID INTEGER)
commit;

grant select on GT_TEST TO KBIENIASZEWSKI

now we get an error: "must grant or revoke all privileges on a temporary table"
exp: privilege should be granted



-------------------------------------
now example why it is important

create global temporary table disablers
(NAME VARCHAR(100)
) on commit delete rows;

create trigger audit_test on test
Active after insert
as
declare variable var_count integer;
begin
  select count(*) from disablers where name = 'disable_audit_test' into :var_count;
  if (:var_count=0) then
    begin
  .....
    end
end;


as you can see if anyone have privilege to insert into global temporary table "disablers" then every user can disable audit trigger but this should be possible only for limited use like global table update when eg. new field was created and inited with value..
Workarounds
None
Attachment
None
Comments

Karol Bieniaszewski at 5/5/2014 11:14:13 PM -
I add sample why this is important feature

Server Response from: ETNACODE01