Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-20299

"sudo" feature in the server

    XMLWordPrintable

Details

    Description

      SUPER privilege gives the ability to specify an arbitrary definer for views and stored routines. That basically means that a SUPER user can execute commands as any other user.

      To make this functionalty more convenient to use, the server could allow SUPER user to "sudo" directly into any other user without authentication.

      Practically this could work by making COM_CHANGE_USER to succeed if the old user had SUPER, even if the authentication for the new user failed.

      Note: after MDEV-21743 it's SET USER not SUPER

      Attachments

        Issue Links

          blocks

          New Feature - A new feature of the product, which has yet to be developed. MXS-5130 Support for PARSEC auth plugin from MDEV-32618

          • Major - Major loss of function.
          • Open
          is blocked by

          Task - A task that needs to be done. MDEV-21743 Split up SUPER privilege to smaller privileges

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          relates to

          New Feature - A new feature of the product, which has yet to be developed. MDEV-34386 Make SQL proxy authentication easier and safer

          • Major - Major loss of function.
          • Open

          Activity

            People

              Unassigned Unassigned
              serg Sergei Golubchik
              Votes:
              3 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.