Permission denied for object sysmonitors [Sybase] - sybase-ase

I got permission denied problem which executing query for Sybase.
1. Exception: SELECT permission denied on object sysmonitors, database master, owner dbo.
2. Exception: master.dbo.monCachePool not found. Specify owner.objectname or use sp_help to check whether the objects persist(sp_help may produce lots of product).
My database is sybasedb and my username is tester, not sa. For super user 'sa' is okay, no exception. But when I created normal user and tested it, I got these exceptions. I thought that this is permission issue. That's why I grant permission for this user 'test' to be able to access these tables. Like this:
grant select on master.dbo.monCachePool, master.dbo.monDataCache to tester
But still can not. I got above exceptions. Please help me how to solve it.

It is probably because you have not granted the correct role to your test user. You must add mon_role to your user to access the monitoring tables.
grant role mon_role to *username*
or
sp_role 'grant', mon_role, *username*
More information can be found in the Performance and Tuning Series: Monitoring Tables

Related

Help find security flaws in this MySQL page?

I am trying to find security flaws in a MySQL page. It is an assignment for a class learning about SQL. Through a textbox, they will be given access to a database to submit queries and see if it returns the correct data sets. I want to find out if there's anything malicious they could do.
This is the result of a SHOW GRANTS query:
Grants for user#localhost
GRANT USAGE ON *.* TO 'user'#'localhost' IDENTIFIED BY PASSWORD 'the password'
GRANT SELECT ON `server\_dir`.* TO 'user'#'localhost'
GRANT SELECT ON `server\_dir\_ans`.* TO 'user'#'localhost'
Can someone explain what these GRANT statements mean? What is *.* and GRANT USAGE? What else can I do to this site to break it?
The site itself is written in PHP.
In response to The Rook, when I execute:
UPDATE mysql.user set Password = password("hacked");
FLUSH PRIVILEGES;
I get back:
Error Number: 1142. UPDATE command denied to user 'user'#'localhost' for table 'user'
Error Number: 1227. Access denied; you need the RELOAD privilege for this operation
As I thought, it appears that the user lacks permissions necessary to do this. Or am I misunderstanding something?
*.* means all tables on all databases.
The flaws in security will happen more in the php than in the msyql, see this Wikipedia article for common issues: SQL Injection.
GRANT USAGE means no privileges.

Why is Wordpress creating a giant error_log file?

I have a small Wordpress website hosted on my shared Hostgator server. I wasn't paying much attention to it, because the website is working fine, until recently when I noticed a ~40GB error log file in the root folder. I wasn't able to open the file so I delete it and waited for the file to show up again. Few seconds later the file was there again with this line inside:
[07-Nov-2016 04:26:22] WordPress database error DELETE command denied to user 'HIDDEN_DATABASE_NAME'#'localhost' for table 'sv_options' for query DELETE FROM sv_options WHERE option_name = '_transient_doing_cron' made by delete_transient, delete_option
I've run repair and optimize in the phpMyAdmin, but this line is still being added into the file approximately every 2 minutes. How should I find what's causing this error? I'm not an expert but I can find my way around cPanel.
From the error it seems that mysql user which is trying to perform DELETE doesn't have permission to do that. What you have to do is to give permission to this user, like:
grant all privileges on mydb.* to myuser#'%' identified by 'mypasswd';
grant all privileges on mydb.* to myuser#localhost identified by 'mypasswd';
FLUSH PRIVILEGES;
This should stop adding errors to your log. More references about MySQL grant and privileges
You can see all privileges for the user in phpmyadmin also with the following sql
show grants for myuser#'localhost';
NOTE: Above statements will give ALL privileges to one user which from security point of view isn't good idea. Since the error is about DELETE you can give delete privileges only to user ( or select, update, insert if needed also )
GRANT DELETE ON mydb.* to myuser#'%' identified by 'mypasswd';

PHP PDO MySQL Access Denied on Create Table

User can login via PHP PDO user, password, database and select, insert, update.
But on Create table fails with access denied error. Same user can log in via MySQL client and create table.
Grant shows that user#localhost has create privileges for the database.
How do I start diagnosing this issue?
Actually, in mysql users are granted based on host where the user will try to access the db. Look into you mysql.user table.
The application might be deployed at host 1 therefore using user A#host1, and on login to MySQL client at host2 you are using user A#host2.
These have different permissions in users table. So I suggest to start by looking there
A bunch of "little" errors in my code. All the responses got me looking in the right places.
Probably the main one was my misunderstanding of the connection to the database. Since the user was logged in to a database I assumed the CREATE TEMP Table would create it there. It didn't - it needed an explicit database.
Thanks for all the suggestions
Frank P

XAMPP - SELECT command denied to user ''#'localhost' for table 'users'

Awhile back I deleted and messed around with some functions in XAMPP.
I reinstalled it and moved/renamed my folder with all my other files so I now have a new xampp directory that's empty and fresh.
But when I try to use any database functionality it gives me error(s) like the one below:
SELECT command denied to user ''#'localhost' for table 'users'
What's wrong?
Thanks.
The user has not been given privileges to read the tables.
When creating an user for the database through the cpanel of your host, you can give the user the privileges.
Or read this documentation to do it through MySql command,
http://dev.mysql.com/doc/refman/5.1/en/grant.html
you can solve through Enabling the use of SELECT
GRANT SELECT ON db.table TO 'user'#'localhost';
or
Grant all on db.table to 'user'#'localhost';
I've just gave the access to the added user, to use phpMyAdmin database, and it works perfectly:
GRANT SELECT,UPDATE,DELETE,INSERT ON phpmyadmin.* TO user#'localhost' IDENTIFIED BY 'PASSWORD';
For me, the user before the at sign being empty was key to figuring out the problem.
I had an account ''#localhost (it showed up at <anonymous>#localhost in mysqladmin) that mysql was logging me into instead of the user I requested. This is because mysql selects your user based on some logic and not the requested user name alone.
Deleting the anonymous user fixed the problem.

Unique MySQL error message

I am getting a pretty obvious error message from my script, but I know my details are right and that I have grant requests from this web service (000webhost.net). Apparently others on the web are not getting this error and after 3 days of this message, I am getting pretty frustrated! Does anyone know how to fix it through my provider:
Access denied for user 'a3040562_kputts'#'10.1.1.18' to database 'ireport'
Also, here is the piece of sample code incase others think I am typing in the wrong information:
// Make a MySQL Connection
mysql_connect("mysql4.000webhost.com", "a3040562_kputts", "(censored)") or die(mysql_error());
mysql_select_db("ireport") or die(mysql_error());
You are successfully connecting to the database server, but your user does not have the necessary MySQL permissions to use that particular database. You will need to execute a GRANT query as a privileged user (or one with GRANT OPTION permissions on that database).
To allow this user to use the database (but not necessarily any tables):
GRANT USAGE ON ireport.* TO 'a3040562_kputts'#'10.1.1.18';
To allow this user full permission on all objects in that database:
GRANT ALL ON ireport.* TO 'a3040562_kputts'#'10.1.1.18';
Is the a3040562_kputts your account (as in, no one shares it)? If others use it too, do they access the database from a different location? This error usually crops up when a User account doesn't have the correct permissions to access a database.
You will need someone with higher access to check the permissions table to ensure that account can access the table. If the account can but you are still being denied, get them to double check the 'hosts' field as well (that field controls where a request may come from, sometimes it defaults to 'localhost' so only the server can access itself, I believe if you have permissions on host '*' you can use it from anywhere).

Resources