[MDEV-21858] START/STOP ALL SLAVES does not return access errors - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: 10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL)
Fix Version/s: 11.4.5, 11.7.2
Component/s: Authentication and Privilege System, Replication
Labels:
None

Description

MariaDB [(none)]> show grants;

+---------------------------------------+

| Grants for u@localhost                |

+---------------------------------------+

| GRANT USAGE ON *.* TO `u`@`localhost` |

+---------------------------------------+

1 row in set (0.000 sec)

MariaDB [(none)]> stop slave;

ERROR 1045 (28000): Access denied for user 'u'@'localhost' (using password: NO)

MariaDB [(none)]> stop all slaves;

Query OK, 0 rows affected (0.000 sec)

Same with start all slaves.
The commands don't actually do anything if the user is unprivileged, so there is no security problem, but I suppose they should be returning the error rather than silently do nothing.

Attachments

Activity

Ascending order - Click to sort in descending order

Kristian Nielsen added a comment - 2024-12-02 13:17

Patch: https://lists.mariadb.org/hyperkitty/list/commits@lists.mariadb.org/thread/XRAZAM4IZWO2S3RRLRJ6X4SUNJSRJV2W/

The reason there is no error given is that there are no slaves that need starting/stopping. So "doing nothing" is the correct behaviour.

Still, I agree, the command should fail unconditionally if the user does not have the privilege. But I suggest fixing in 11.4 to not risk changing older GA versions, as the user impact of the bug is minor.

Kristian Nielsen added a comment - 2024-12-02 13:17 Patch: https://lists.mariadb.org/hyperkitty/list/commits@lists.mariadb.org/thread/XRAZAM4IZWO2S3RRLRJ6X4SUNJSRJV2W/ The reason there is no error given is that there are no slaves that need starting/stopping. So "doing nothing" is the correct behaviour. Still, I agree, the command should fail unconditionally if the user does not have the privilege. But I suggest fixing in 11.4 to not risk changing older GA versions, as the user impact of the bug is minor.

Kristian Nielsen added a comment - 2024-12-05 11:45

Pushed to 11.4

Kristian Nielsen added a comment - 2024-12-05 11:45 Pushed to 11.4

People

Assignee:: Kristian Nielsen

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2020-03-02 17:31

Updated:: 2024-12-05 11:45

Resolved:: 2024-12-05 11:45

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server