Skip to content

escape database underscore wildcard #500

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 19, 2020
Merged

escape database underscore wildcard #500

merged 1 commit into from
May 19, 2020

Conversation

Istador
Copy link
Contributor

@Istador Istador commented Oct 4, 2018

if the $MYSQL_DATABASE environment variable contains underscores ("_")
they are now escaped, so that the GRANT matches exactly the given
database name.

@Istador
Copy link
Contributor Author

Istador commented Apr 23, 2020

I force pushed a new version, that is no longer in conflict with the changes made to master since I created this PR.

@Istador @tianon
Escape database underscore wildcard
7a87af0 
if the $MYSQL_DATABASE environment variable contains underscores ("_")
they are now escaped, so that the GRANT matches exactly the given
database name.
@tianon
Copy link
Member

tianon commented May 19, 2020

Sorry for the huge delay 😬

I've updated this to include a change to the templated version of this same script.

For posterity, here's the relevant MySQL documentation: (https://dev.mysql.com/doc/refman/8.0/en/grant.html#grant-quoting)

The _ and % wildcards are permitted when specifying database names in GRANT statements that grant privileges at the database level (GRANT ... ON db_name.*). This means, for example, that to use a _ character as part of a database name, specify it as \_ in the GRANT statement, to prevent the user from being able to access additional databases matching the wildcard pattern (for example, GRANT ... ON foo_bar.* TO ...).

@tianon tianon merged commit bc6e37a into docker-library:master May 19, 2020
docker-library-bot added a commit to docker-library-bot/official-images that referenced this pull request May 20, 2020
@docker-library-bot
Update mysql
910dfd8 
Changes:

- docker-library/mysql@bc6e37a: Merge pull request docker-library/mysql#500 from Istador/escape_database_wildcard
- docker-library/mysql@7a87af0: Escape database underscore wildcard
- docker-library/mysql@a769034: Merge pull request docker-library/mysql#667 from docker-library/github-actions
- docker-library/mysql@ab66888: Add initial GitHub Actions CI
@tianon tianon mentioned this pull request May 20, 2020
Merged
yosifkit added a commit to infosiftr/mariadb that referenced this pull request May 27, 2020
@yosifkit
Add wildcard escaping fix similar to MySQL
1dc8ff1 
docker-library/mysql#500 (comment)
@yosifkit yosifkit mentioned this pull request May 27, 2020
Merged
WengerK referenced this pull request in Games-of-Switzerland/api.swissgamesgarden Jun 2, 2020
@WengerK
attempts to remove escaped mariadb database name - https://github.com…
9b32eb8 
…/docker-library/mysql/pull/500\#issuecomment-631141798
@WengerK WengerK mentioned this pull request Jun 2, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Istador @tianon