[MDEV-14444] Support Role based access control for MariaDB privilege system - Jira

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Fix Version/s: 10.0.6
Component/s: Authentication and Privilege System
Labels:
None

Description

MariaDB privilege system grants all privilges directly to super user, which will cause unrecoverable issues by accident. For example:
1. User with super privilege can revoke super from himself. This can cause no user to perform operations like "set global variables", etc. Such issue also applies for other privileges.
2. If a user with cooresponding privileges happens to delete mysql database by accident, the server will fail to start up after restart.

A proper solution is to introduce role based access control for MariaDB privilege system. Only users assigned with certain roles can perform corresponding operation which super user can do the assignment.

Attachments

Issue Links

is duplicated by

MDEV-4397 Roles

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Hanzhi (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2017-11-20 08:26

Updated:: 2018-02-07 09:53

Resolved:: 2018-02-07 09:53

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.