Commit 9b450d44 authored by unknown's avatar unknown

Changing SET SQL_LOG_BIN so that it explicitely throws an error if

user is not SUPER, instead of setting the value but ignoring it
silently internally.


mysql-test/r/rpl_temporary.result:
  result update
mysql-test/t/rpl_temporary.test:
  adding test for privileges for SET SQL_LOG_BIN
sql/log.cc:
  don't need to check SUPER
sql/set_var.cc:
  refuse SET SQL_LOG_BIN if not SUPER
sql/sql_insert.cc:
  Don't need to check SUPER
parent f2546fdb
......@@ -7,6 +7,12 @@ start slave;
reset master;
SET @@session.pseudo_thread_id=100;
ERROR HY000: Access denied. You need the SUPER privilege for this operation
SET @@session.sql_log_bin=0;
ERROR HY000: Access denied. You need the SUPER privilege for this operation
SET @@session.pseudo_thread_id=100;
SET @@session.pseudo_thread_id=connection_id();
SET @@session.sql_log_bin=0;
SET @@session.sql_log_bin=1;
drop table if exists t1,t2;
create table t1(f int);
create table t2(f int);
......
......@@ -30,7 +30,17 @@ connect (con3,localhost,zedjzlcsjhd,,);
connection con3;
--error 1227
SET @@session.pseudo_thread_id=100;
# While we are here we also test that SQL_LOG_BIN can't be set
--error 1227
SET @@session.sql_log_bin=0;
# Now as root, to be sure it works
connection con2;
SET @@session.pseudo_thread_id=100;
SET @@session.pseudo_thread_id=connection_id();
SET @@session.sql_log_bin=0;
SET @@session.sql_log_bin=1;
connection con3;
let $VERSION=`select version()`;
--disable_warnings
......
......@@ -1208,8 +1208,7 @@ bool MYSQL_LOG::write(Log_event* event_info)
"do the involved tables match (to be implemented)
binlog_[wild_]{do|ignore}_table?" (WL#1049)"
*/
if ((thd && !(thd->options & OPTION_BIN_LOG) &&
(thd->master_access & SUPER_ACL)) ||
if ((thd && !(thd->options & OPTION_BIN_LOG)) ||
(local_db && !db_ok(local_db, binlog_do_db, binlog_ignore_db)))
{
VOID(pthread_mutex_unlock(&LOCK_log));
......@@ -1556,11 +1555,7 @@ bool MYSQL_LOG::write(THD *thd,const char *query, uint query_length,
int tmp_errno=0;
char buff[80],*end;
end=buff;
if (!(thd->options & OPTION_UPDATE_LOG)
#ifndef NO_EMBEDDED_ACCESS_CHECKS
&& (thd->master_access & SUPER_ACL)
#endif
)
if (!(thd->options & OPTION_UPDATE_LOG))
{
VOID(pthread_mutex_unlock(&LOCK_log));
return 0;
......
......@@ -2288,6 +2288,13 @@ static bool set_option_autocommit(THD *thd, set_var *var)
static bool set_log_update(THD *thd, set_var *var)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (!(thd->master_access & SUPER_ACL))
{
my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), "SUPER");
return 1;
}
#endif
if (opt_sql_bin_update)
((sys_var_thd_bit*) var->var)->bit_flag|= (OPTION_BIN_LOG |
OPTION_UPDATE_LOG);
......
......@@ -134,15 +134,10 @@ int mysql_insert(THD *thd,TABLE_LIST *table_list,
thd->lex->select_lex.table_list.first;
DBUG_ENTER("mysql_insert");
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (thd->master_access & SUPER_ACL)
#endif
{
if (!(thd->options & OPTION_UPDATE_LOG))
log_on&= ~(int) DELAYED_LOG_UPDATE;
if (!(thd->options & OPTION_BIN_LOG))
log_on&= ~(int) DELAYED_LOG_BIN;
}
/*
in safe mode or with skip-new change delayed insert to be regular
if we are told to replace duplicates, the insert cannot be concurrent
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment