Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL)
-
None
Description
MariaDB [(none)]> show grants;
|
+---------------------------------------+ |
| Grants for u@localhost | |
+---------------------------------------+ |
| GRANT USAGE ON *.* TO `u`@`localhost` | |
+---------------------------------------+ |
1 row in set (0.000 sec) |
|
MariaDB [(none)]> stop slave;
|
ERROR 1045 (28000): Access denied for user 'u'@'localhost' (using password: NO) |
MariaDB [(none)]> stop all slaves; |
Query OK, 0 rows affected (0.000 sec) |
Same with start all slaves.
The commands don't actually do anything if the user is unprivileged, so there is no security problem, but I suppose they should be returning the error rather than silently do nothing.
Patch: https://lists.mariadb.org/hyperkitty/list/commits@lists.mariadb.org/thread/XRAZAM4IZWO2S3RRLRJ6X4SUNJSRJV2W/
The reason there is no error given is that there are no slaves that need starting/stopping. So "doing nothing" is the correct behaviour.
Still, I agree, the command should fail unconditionally if the user does not have the privilege. But I suggest fixing in 11.4 to not risk changing older GA versions, as the user impact of the bug is minor.