foodszhang / openarkkit

Automatically exported from code.google.com/p/openarkkit

oak-security-audit security hole #12

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?

1.  When running "select * from db\G" you will notice on a default installation 
there are two blank user entries:
*************************** 1. row ***************************
                 Host: %
                   Db: test
                 User: 
*************************** 2. row ***************************
                 Host: %
                   Db: test\_%
                 User: 

2.  Let's say I have two users with two different databases that start with 
"test_".  Both users will be able to see the other's database with these 
defaults in place.

3.  Here is the test:
-- as root
create database test_user1;
create database test_user2;
grant select on `test_user1`.* to 'user1'@'localhost';
grant select on `test_user2`.* to 'user2'@'localhost'; 

-- as user1
mysql -uuser1

[Wed Apr 13 14:33:35 2011] (user1@localhost) [(none)]> show databases; 
+--------------------+
| Database           |
+--------------------+
| information_schema |
| test               |
| test_user1         |
| test_user2         | <-- user1 should NOT be able to see this database
+--------------------+
4 rows in set (0.00 sec)

[Wed Apr 13 14:33:40 2011] (user1@localhost) [(none)]> show grants; 
+-------------------------------------------------------+
| Grants for user1@localhost                            |
+-------------------------------------------------------+
| GRANT USAGE ON *.* TO 'user1'@'localhost'             |
| GRANT SELECT ON `test_user1`.* TO 'user1'@'localhost' |
+-------------------------------------------------------+

What version of the secure are you using?
This was from the MySQL Conference

On what operating system?
Any OS, any version of MySQL.

Please provide any additional information below.

Please let me know if you need anything else.

best,

Chris Schneider

Original issue reported on code.google.com by schneide...@gmail.com on 13 Apr 2011 at 9:47
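
One way an audit could flag the entries described in this report, as an added example that is not part of the original issue or of oak-security-audit's own code: it takes rows from mysql.db, keeps those with a blank User, and lists which schemas each Db pattern covers. The function names and the sample rows are hypothetical and constructed from the output shown above.

```python
import re

# Constructed sample of mysql.db rows (Host, Db, User): the two default
# blank-user entries from the report plus the two grants from the test.
SAMPLE_DB_ROWS = [
    ("%", "test", ""),
    ("%", r"test\_%", ""),
    ("localhost", "test_user1", "user1"),
    ("localhost", "test_user2", "user2"),
]
# Constructed list of schema names present on the server.
SAMPLE_SCHEMAS = ["mysql", "test", "test_user1", "test_user2", "testing", "prod"]


def db_pattern_to_regex(pattern):
    """Translate a mysql.db Db pattern: % = any run, _ = one char, backslash escapes."""
    out, i = [], 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):
            out.append(re.escape(pattern[i + 1]))  # escaped wildcard is a literal
            i += 2
            continue
        out.append(".*" if ch == "%" else "." if ch == "_" else re.escape(ch))
        i += 1
    return re.compile("".join(out), re.DOTALL)


def audit_anonymous_db_rows(db_rows, schemas):
    """Return (host, db_pattern, exposed_schemas) for every row with a blank User."""
    findings = []
    for host, db, user in db_rows:
        if user != "":
            continue  # named accounts are out of scope for this check
        rx = db_pattern_to_regex(db)
        findings.append((host, db, [s for s in schemas if rx.fullmatch(s)]))
    return findings


if __name__ == "__main__":
    for host, db, exposed in audit_anonymous_db_rows(SAMPLE_DB_ROWS, SAMPLE_SCHEMAS):
        names = ", ".join(exposed) or "(no current schema)"
        print("blank-user entry ''@'%s' on `%s` covers: %s" % (host, db, names))
```

Against a live server the rows would come from `select Host, Db, User from db` in the `mysql` schema and the schema names from `show databases` run as root.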

GoogleCodeExporter commented 8 years ago
Thanks, Chris (will only now make myself free for that!)

Original comment by shlomi.n...@gmail.com on 21 Sep 2011 at 8:25