Comments (3)
@rschu1ze result is incorrect with the cache enabled https://fiddle.clickhouse.com/b79e57c1-e687-4985-9489-17eb1ff20a94
In some sense this is a CVE, because an unauthorized user can peek at data.
Why is this example so overcomplicated? It reproduces with any query https://fiddle.clickhouse.com/7ae271e9-e866-4187-a6d6-e84e89a8910e
Even more minimal repro: https://fiddle.clickhouse.com/6661f07d-1372-4088-a0ea-9ff0d20090f3
Yes, the user can peek data from tables/columns without having SELECT privileges (assigned directly or by a role).
The source of the problem is that the query cache is based on comparing query ASTs. The same identifier in two ASTs can mean different things ...
The right fix would be to compare the representation with resolved identifiers produced by the Analyzer. It would be a bigger rewrite, however.
A quickfix would be to introduce a privilege for running queries with the query cache. This basically recognizes that the query cache usage can be a security risk (this would also be documented) and must be explicitly enabled by assigning the corresponding privilege. Such a privilege would be similar in spirit to the INTROSPECTION privilege.
Not sure what the best route is here; let me discuss internally.
EDIT: After discussion, we'll go with the quickfix (#64199, will also be backported), and for master I'll switch the query cache to use the Analyzer-representation with resolved identifiers (#64223).
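As an added example that is not part of this issue thread or of ClickHouse, the following Python model shows the cache-key problem the comments describe: a cache keyed on the unresolved query text hands one user's result to another (both the wrong-result and the missing-SELECT-privilege symptoms), while keying on resolved identifiers and authorizing before the lookup, in the spirit of the Analyzer-based fix, does not. Tables, users, privileges and the default-database resolution rule are constructed simplifications.

```python
# Added illustration (not ClickHouse code): a toy query cache keyed on the raw
# query text, beside one keyed on resolved identifiers. All tables, users and
# privileges below are constructed sample data.

TABLES = {"db1.t": [("secret-row",)], "db2.t": [("public-row",)]}
USERS = {  # default_db decides what the bare identifier "t" resolves to
    "alice":   {"default_db": "db1", "select_on": {"db1.t"}},
    "bob":     {"default_db": "db2", "select_on": {"db2.t"}},
    "mallory": {"default_db": "db1", "select_on": set()},
}

def resolve(user, query):
    """Resolve the identifier in 'SELECT * FROM <ident>' for this user."""
    ident = query.split()[-1]
    return ident if "." in ident else f"{USERS[user]['default_db']}.{ident}"

def check_select(user, table):
    """Raise unless the user holds SELECT on the resolved table."""
    if table not in USERS[user]["select_on"]:
        raise PermissionError(f"{user} has no SELECT on {table}")

class AstKeyedCache:
    """Buggy: the unresolved query text is the key, shared across users."""
    def __init__(self):
        self.entries = {}
    def run(self, user, query):
        if query in self.entries:           # hit: no resolution, no privilege check
            return self.entries[query]
        table = resolve(user, query)
        check_select(user, table)
        self.entries[query] = TABLES[table]
        return self.entries[query]

class ResolvedKeyedCache:
    """Fixed: resolve and authorize first, then key on the resolved table."""
    def __init__(self):
        self.entries = {}
    def run(self, user, query):
        table = resolve(user, query)
        check_select(user, table)           # runs on every request, hit or miss
        if table not in self.entries:
            self.entries[table] = TABLES[table]
        return self.entries[table]

def demo(cache_cls, query="SELECT * FROM t"):
    """Alice warms the cache; return what bob and mallory then observe."""
    cache = cache_cls()
    out = {"alice": cache.run("alice", query)}
    for user in ("bob", "mallory"):
        try:
            out[user] = cache.run(user, query)
        except PermissionError:
            out[user] = "denied"
    return out
```

With the buggy cache, bob receives db1's rows instead of his own db2 rows and mallory, who holds no SELECT privilege at all, receives them too; the quickfix from the thread would correspond to refusing cache use entirely for users lacking a dedicated privilege.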