Closed yzhan1 closed 2 days ago
Root cause seem to be that in https://github.com/pingcap/tidb/blob/6ba94359d5d062ab1e189bd1514bdefba6400fb7/pkg/executor/simple.go#L2448
we are checking if the current user in the session has enough privilege for executing the SET PASSWORD
statement, but the error message is populated with the user in the statement.
Bug Report
Imagine having two users:
u1
withSUPER
privilegeu2
withoutSUPER
privilegeWhen
u2
tries to runSET PASSWORD FOR u1
, it should return an error saying thatu2
does not have enough privilege. But the current error will sayu1
does not have enough privilege, which doesn't seem correct.Tested with MySQL 8.3.0 and verified that the behavior is different:
1. Minimal reproduce step (Required)
Add a unit test:
2. What did you expect to see? (Required)
Should see this error:
[executor:1044]Access denied for user 'u2'@'%' to database 'mysql'
sinceu2
lacks the privileges.3. What did you see instead (Required)
Error:
[executor:1044]Access denied for user 'u1'@'%' to database 'mysql'
Full trace:
4. What is your TiDB version? (Required)
Latest commit or v8.1.0.