Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-2623

MaxScale should write a log message if a user with SUPER privileges connects

    XMLWordPrintable

    Details

    • Sprint:
      MXS-SPRINT-88, MXS-SPRINT-89, MXS-SPRINT-90, MXS-SPRINT-101, MXS-SPRINT-102

      Description

      I think that it would be helpful if MaxScale could write a log message if a user with SUPER privileges connected to the instance. A pre-requisite for this would probably have to be that skip_authentication is not set.

      https://mariadb.com/kb/en/mariadb-maxscale-23-mysql-authenticator/#skip_authentication

      The main reason is that users with SUPER privileges can cause some serious issues, particularly when MaxScale is using MariaDB Monitor. In that case, users with SUPER privileges can still write to the servers while failover is occurring, which can cause failover to break. This problem seems to occur quite frequently.

      If we add this log message, then maybe it should be optional. Should it be an option that is configurable in authenticator_options? Or should it only be written when log_info is enabled?

        Attachments

          Activity

            People

            Assignee:
            esa.korhonen Esa Korhonen
            Reporter:
            GeoffMontee Geoff Montee
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: