Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-20299

"sudo" feature in the server

    XMLWordPrintable

    Details

      Description

      SUPER privilege gives the ability to specify an arbitrary definer for views and stored routines. That basically means that a SUPER user can execute commands as any other user.

      To make this functionalty more convenient to use, the server could allow SUPER user to "sudo" directly into any other user without authentication.

      Practically this could work by making COM_CHANGE_USER to succeed if the old user had SUPER, even if the authentication for the new user failed.

      Note: after MDEV-21743 it won't be SUPER but a different privilege

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              serg Sergei Golubchik
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated: