[MDEV-29650] SUPER has monitor privileges but they are not added to pre-10.5 SUPER users Created: 2022-09-27  Updated: 2023-11-28

Status: Open
Project: MariaDB Server
Component/s: Authentication and Privilege System
Affects Version/s: 10.5, 10.6, 10.7, 10.8, 10.9, 10.10
Fix Version/s: 10.5, 10.6

Type: Bug Priority: Minor
Reporter: Elena Stepanova Assignee: Sergei Golubchik
Resolution: Unresolved Votes: 0
Labels: None


 Description   

Upon upgrade from pre-10.5 versions SUPER users are given explicit privileges which SUPER alias includes, apparently for future deprecation of the alias.

However, not all of them are added. SUPER also includes BINLOG_MONITOR and SLAVE_MONITOR privileges, but they are not added to the users with SUPER.

10.5 fb70bb44

 
MariaDB [(none)]> show slave status;
 
Empty set (0.000 sec)
 
 
 
MariaDB [(none)]> show grants;
 
+-------------------------------------------------------------------------------------------------------------------------------------------------------+
 
| Grants for super@%                                                                                                                                    |
 
+-------------------------------------------------------------------------------------------------------------------------------------------------------+
 
| GRANT SUPER, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, BINLOG ADMIN, BINLOG REPLAY ON *.* TO `super`@`%` |
 
+-------------------------------------------------------------------------------------------------------------------------------------------------------+
 
1 row in set (0.000 sec)
 
 
 
MariaDB [(none)]> show slave status;
 
Empty set (0.000 sec)


Generated at Thu Feb 08 10:10:14 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.