[#MDEV-21000] default behaviour of sql security and should be configurable.

[MDEV-21000] default behaviour of sql security and should be configurable. Created: 2019-06-19 Updated: 2021-01-25
Status:	Open
Project:	MariaDB Server
Component/s:	None
Fix Version/s:	None

Type:

Task

Priority:

Minor

Reporter:

Richard Stracke

Assignee:

Unassigned

Resolution:

Unresolved

Votes:

Labels:

Roles

Issue Links:

Relates
relates to	~~MDEV-5669~~	Possible inconsistencies or lack of d...	Closed

Description

For Trigger , Views and SPs,

the default values are

SQL security = definer
and define = current_user

In some cases, it would be useful to change the default behaviour to
get more possibilities to use roles , epecially if the create statements can't be changed
later, because they are from downloaded applications etc.

So the default behaviour should be changable with system variables.

suggestion:

Variable:
definer_default

possible value:
current_user, current_role
default is current_user

For current_role , if current_role != null then back to current_user

Variable
default_sqlsecurity

possible values:
invoker, definer

default= definer

Comments

Comment by Thomas Kniep [ 2019-11-15 ]

Hi,

sorry for interfering, I noticed that this issue changed from Major to Minor, is there anything we can to to get more attention on this one?

Thanks a lot

Thomas

Generated at Thu Feb 08 09:03:50 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-21000] default behaviour of sql security and should be configurable. Created: 2019-06-19 Updated: 2021-01-25