List:Commits« Previous MessageNext Message »
From:Alexander Nozdrin Date:February 10 2006 12:25pm
Subject:bk commit into 5.1 tree (anozdrin:1.2081)
View as plain text  
Below is the list of changes that have just been committed into a local
5.1 repository of alik. When alik does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet
  1.2081 06/02/10 15:25:48 anozdrin@stripped +2 -0
  Polishing: after implementing TRIGGER privilege, mysqld option 
  '--log-bin-trust-function-creators' affects not only replication of the
  stored functions, but also replication of the triggers.

  sql/sql_trigger.cc
    1.48 06/02/10 15:25:45 anozdrin@stripped +2 -4
    Updated the comment to be consistent with the new behaviour,
    introduced by TRIGGER privilege.

  sql/mysqld.cc
    1.531 06/02/10 15:25:45 anozdrin@stripped +2 -2
    Updated the description of mysqld '--log-bin-trust-function-creators' option
    to reflect that after introducing TRIGGER privilege this option also controls
    replication of triggers.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	anozdrin
# Host:	station.home
# Root:	/home/alik/Documents/AllProgs/MySQL/devel/5.1-security-triggers

--- 1.530/sql/mysqld.cc	2006-02-05 12:06:04 +03:00
+++ 1.531/sql/mysqld.cc	2006-02-10 15:25:45 +03:00
@@ -5216,8 +5216,8 @@
   */
   {"log-bin-trust-function-creators", OPT_LOG_BIN_TRUST_FUNCTION_CREATORS,
    "If equal to 0 (the default), then when --log-bin is used, creation of "
-   "a function is allowed only to users having the SUPER privilege and only "
-   "if this function may not break binary logging."
+   "a function (a trigger) is allowed only to users having the SUPER privilege "
+   "and only if this function (trigger) may not break binary logging."
 #ifdef HAVE_ROW_BASED_REPLICATION
    " If using --binlog-format=row, the security issues do not exist and the "
    "binary logging cannot break so this option is automatically set to 1."

--- 1.47/sql/sql_trigger.cc	2006-02-10 15:07:14 +03:00
+++ 1.48/sql/sql_trigger.cc	2006-02-10 15:25:45 +03:00
@@ -195,10 +195,8 @@
   /*
     There is no DETERMINISTIC clause for triggers, so can't check it.
     But a trigger can in theory be used to do nasty things (if it supported
-    DROP for example) so we do the check for privileges. For now there is
-    already a stronger test right above; but when this stronger test will
-    be removed, the test below will hold. Because triggers have the same
-    nature as functions regarding binlogging: their body is implicitely
+    DROP for example) so we do the check for privileges. Triggers have the
+    same nature as functions regarding binlogging: their body is implicitely
     binlogged, so they share the same danger, so trust_function_creators
     applies to them too.
   */
Thread
bk commit into 5.1 tree (anozdrin:1.2081)Alexander Nozdrin10 Feb