Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-16238

root/localhost authn prioritizes authentication_string over Password

    XMLWordPrintable

Details

    Description

      update mysql.user set authentication_string=password('two') where user='root' and host='localhost';
      set password for 'root'@'localhost' = password("one");
      flush privileges;
      

      ^^ You’ll be unable to log in as root/localhost after the above using “one” as the password, but “two” will work.

      A preexisting authentication_string should not take priority over the result of SET PASSWORD FOR.

      This is a problem for installations that are migrated from MySQL 5.7 because these can still have authentication_string values around.

      Attachments

        Issue Links

          Activity

            People

              serg Sergei Golubchik
              fgasper Felipe Gasper
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.