Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect EFFECTIVE_USER in functions #8295

Open
asfernandes opened this issue Oct 28, 2024 · 0 comments
Open

Incorrect EFFECTIVE_USER in functions #8295

asfernandes opened this issue Oct 28, 2024 · 0 comments
Labels
affect-version: 4.0.5 affect-version: 5.0.1 affect-version: 6.0 Initial component: engine

Comments

@asfernandes
Copy link
Member 

isql -term ! -user dbo
create database 't.fdb' user dbo!

create or alter function oi returns varchar(15) sql security invoker as
begin return rdb$get_context('SYSTEM', 'EFFECTIVE_USER'); end!

create or alter function od returns varchar(15) sql security definer as
begin return rdb$get_context('SYSTEM', 'EFFECTIVE_USER'); end!

create or alter procedure oi returns (o varchar(15)) sql security invoker as
begin o = rdb$get_context('SYSTEM', 'EFFECTIVE_USER'); end!

create or alter procedure od returns (o varchar(15)) sql security definer as
begin o = rdb$get_context('SYSTEM', 'EFFECTIVE_USER'); end!

grant execute on function oi to public!
grant execute on function od to public!
grant execute on procedure oi to public!
grant execute on procedure od to public!

isql t.fdb -term ! -user u1

-- Correct: U1
execute procedure oi!

-- Correct: DBO
execute procedure od!


-- Correct: U1
select oi() from rdb$database!

-- Incorrect: U1
select od() from rdb$database!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
affect-version: 4.0.5 affect-version: 5.0.1 affect-version: 6.0 Initial component: engine
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@asfernandes