access to a regular table.

The bug was introduced by a patch for Bug 11746602(27480).

Background:
  - privileges for underlying tables of a merge table are checked at
    CREATE / ALTER TABLE time;

  - temporary tables shadow regular(base) tables.

The problem was that only CREATE_TMP_TABLE_ACL was required to create a temporary
merge table over other temporary tables. That led to security hole:
  - create a temporary merge table over the temporary tables, shadowing base tables;
  - drop the underlying temporary tables;
  - get full access to the base tables through the merge table.

The fix is to require SELECT, UPDATE, DELETE privileges on base tables
even if there are temporary tables with the same names.

Technically, the fix is to remove pre-opening of temporary tables
in CREATE / ALTER TABLE for merge tables.

Alternatively, a fix could be to change MERGE tables to remember child
table types at CREATE TABLE time. This approach was considered and rejected,
because it requires a lot of changes in MERGE tables -- now child tables are not
checked at that time.