Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-16238

root/localhost authn prioritizes authentication_string over Password

    XMLWordPrintable

    Details

      Description

      update mysql.user set authentication_string=password('two') where user='root' and host='localhost';
      set password for 'root'@'localhost' = password("one");
      flush privileges;
      

      ^^ You’ll be unable to log in as root/localhost after the above using “one” as the password, but “two” will work.

      A preexisting authentication_string should not take priority over the result of SET PASSWORD FOR.

      This is a problem for installations that are migrated from MySQL 5.7 because these can still have authentication_string values around.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              serg Sergei Golubchik
              Reporter:
              fgasper Felipe Gasper
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: