diff options
| author | unknown <anozdrin/alik@station.> | 2007-10-19 19:57:08 +0400 |
|---|---|---|
| committer | unknown <anozdrin/alik@station.> | 2007-10-19 19:57:08 +0400 |
| commit | 66cd6d0c8f24825a688f8dd8d091c7a50d72fbb5 (patch) | |
| tree | 20d207ba5cba2e066daefa6ce8ca6d5bdde321aa /sql/event_scheduler.cc | |
| parent | b0488a32038ca9abf8e9ec8ec2482598aca133ab (diff) | |
| download | mariadb-git-66cd6d0c8f24825a688f8dd8d091c7a50d72fbb5.tar.gz | |
Patch for BUG#31111: --read-only crashes MySQL (events fail to load).
There actually were several problems here:
- WRITE-lock is required to load events from the mysql.event table,
but in the read-only mode an ordinary user can not acquire it;
- Security_context::master_access attribute was not properly
initialized in Security_context::init(), which led to differences
in behavior with and without debug configure options.
- if the server failed to load events from mysql.event, it forgot to
close the mysql.event table, that led to the coredump, described
in the bug report.
The patch is to fix all these problems:
- Use the super-user to acquire WRITE-lock on the mysql.even table;
- The WRITE-lock is acquired by the event scheduler in two cases:
- on initial loading of events from the database;
- when an event has been executed, so its attributes should
be updated.
Other cases when WRITE-lock is needed for the mysql.event table
happen under the user account. So, nothing should be changed there
for the read-only mode. The user is able to create/update/drop
an event only if he is a super-user.
- Initialize Security_context::master_access;
- Close the mysql.event table in case something went wrong.
mysql-test/r/events_bugs.result:
Update result file.
mysql-test/t/events_bugs.test:
A test case for BUG#31111: --read-only crashes MySQL (events fail
to load).
sql/event_data_objects.cc:
When the worker thread is going to drop event after the execution
we should do it under the super-user privileges in order to be able
to lock the mysql.event table for writing in the read-only mode.
This is a system operation, where user SQL can not be executed.
So, there is no risk in compromising security by dropping an event
under the super-user privileges.
sql/event_db_repository.cc:
1. Close tables if something went wrong in simple_open_n_lock_tables();
2. As soon as the system event scheduler thread is running under
the super-user privileges, we should always be able to acquire
WRITE-lock on the mysql.event table. However, let's have an assert
to check this.
sql/event_scheduler.cc:
Run the system event scheduler thread under the super-user privileges.
In particular, this is needed to be able to lock the mysql.event table
for writing when the server is running in the read-only mode.
The event scheduler executes only system operations and does not
execute user SQL (this is what the worker threads for). So, there
is no risk in compromising security by running the event scheduler
under the super-user privileges.
sql/events.cc:
Open the mysql.event table as the super user to be able to acquire
WRITE-lock in the read-only mode.
sql/sql_class.cc:
Initialize Security_context::master_acces.
Diffstat (limited to 'sql/event_scheduler.cc')
| -rw-r--r-- | sql/event_scheduler.cc | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/sql/event_scheduler.cc b/sql/event_scheduler.cc index b03b51f1134..d3a031fd8f8 100644 --- a/sql/event_scheduler.cc +++ b/sql/event_scheduler.cc @@ -399,6 +399,13 @@ Event_scheduler::start() new_thd->system_thread= SYSTEM_THREAD_EVENT_SCHEDULER; new_thd->command= COM_DAEMON; + /* + We should run the event scheduler thread under the super-user privileges. + In particular, this is needed to be able to lock the mysql.event table + for writing when the server is running in the read-only mode. + */ + new_thd->security_ctx->master_access |= SUPER_ACL; + scheduler_param_value= (struct scheduler_param *)my_malloc(sizeof(struct scheduler_param), MYF(0)); scheduler_param_value->thd= new_thd; |