[MDEV-17852] Altered connection limits for user have no effect - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.2(EOL), 10.3(EOL), 10.4(EOL)
Fix Version/s: 10.2.37, 10.3.28, 10.4.18, 10.5.9
Component/s: Authentication and Privilege System
Labels:
- upstream-fixed

Description

This issue points out a difference between MySQL and MariaDB, where MySQL seems to have the expected behavior. When you update MAX_CONNECTIONS_PER_HOUR for a user the change can be seen in the users table, but in MariaDB it has no effect in practice. A blocked user will still not be able to connect. This can have serious consequences in production.

With MySQL 8.0.13 the ALTER actually lets new clients connect with the account, but with MariaDB 10.2.19 it does not. See the attached text file for a simple repro case with Docker.

MDEV-17852-repro.txt

I've also tested to change the limit using the following statements, but with the same result:

UPDATE mysql.user SET max_connections = 0 WHERE user='testuser'; FLUSH PRIVILEGES;
GRANT USAGE ON . TO 'site_devkit_live_index'@'%' WITH MAX_CONNECTIONS_PER_HOUR 0;
Delete and re-create the user with a higher limit.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

MDEV-17852-repro.txt
2 kB
2018-11-27 15:43
MDEV-17852-repro-docker-with-workaround.txt
2 kB
2018-11-29 23:24
test-max-user-connections.txt
0.9 kB
2018-11-28 08:45

Activity

People

Assignee:: Sergei Golubchik

Reporter:: Staffan Olsson

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2018-11-27 15:41

Updated:: 2021-01-12 09:23

Resolved:: 2021-01-12 09:23

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server

Details

Description

Attachments

Attachments

Activity

People

Dates

Git Integration