[MXS-633] Galera Monitor should not require the REPLICATION CLIENT privilege - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 1.4.0
Fix Version/s: 2.0.0
Component/s: galeramon, ndbclustermon
Labels:
None

Description

The Galera monitor itself does not need the REPLICATION CLIENT privilege, since it has no reason to execute SHOW SLAVE STATUS. Nevertheless, core/monitor.c contains a hardcoded check for this privileged used for all modules.

Granting unnecessary privileges is a security risk, so advice to do so should be avoided.

The permissions required for each monitor should probably be defined by each monitor, not in a central location.

Attachments

Activity

People

Assignee:: markus makela

Reporter:: Kolbe Kegel (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2016-03-21 18:45

Updated:: 2016-03-30 13:53

Resolved:: 2016-03-30 13:53

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1d 3h

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.