Polishing: after implementing TRIGGER privilege, mysqld option

'--log-bin-trust-function-creators' affects not only replication of the
stored functions, but also replication of the triggers.


sql/mysqld.cc:
  Updated the description of mysqld '--log-bin-trust-function-creators' option
  to reflect that after introducing TRIGGER privilege this option also controls
  replication of triggers.
sql/sql_trigger.cc:
  Updated the comment to be consistent with the new behaviour,
  introduced by TRIGGER privilege.
This commit is contained in:
unknown 2006-02-13 15:00:01 +03:00
parent df59e69c03
commit 5f1f402333
2 changed files with 4 additions and 6 deletions

View File

@ -5234,8 +5234,8 @@ Disable with --skip-innodb-doublewrite.", (gptr*) &innobase_use_doublewrite,
*/ */
{"log-bin-trust-function-creators", OPT_LOG_BIN_TRUST_FUNCTION_CREATORS, {"log-bin-trust-function-creators", OPT_LOG_BIN_TRUST_FUNCTION_CREATORS,
"If equal to 0 (the default), then when --log-bin is used, creation of " "If equal to 0 (the default), then when --log-bin is used, creation of "
"a function is allowed only to users having the SUPER privilege and only " "a function (a trigger) is allowed only to users having the SUPER privilege "
"if this function may not break binary logging." "and only if this function (trigger) may not break binary logging."
#ifdef HAVE_ROW_BASED_REPLICATION #ifdef HAVE_ROW_BASED_REPLICATION
" If using --binlog-format=row, the security issues do not exist and the " " If using --binlog-format=row, the security issues do not exist and the "
"binary logging cannot break so this option is automatically set to 1." "binary logging cannot break so this option is automatically set to 1."

View File

@ -195,10 +195,8 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create)
/* /*
There is no DETERMINISTIC clause for triggers, so can't check it. There is no DETERMINISTIC clause for triggers, so can't check it.
But a trigger can in theory be used to do nasty things (if it supported But a trigger can in theory be used to do nasty things (if it supported
DROP for example) so we do the check for privileges. For now there is DROP for example) so we do the check for privileges. Triggers have the
already a stronger test right above; but when this stronger test will same nature as functions regarding binlogging: their body is implicitely
be removed, the test below will hold. Because triggers have the same
nature as functions regarding binlogging: their body is implicitely
binlogged, so they share the same danger, so trust_function_creators binlogged, so they share the same danger, so trust_function_creators
applies to them too. applies to them too.
*/ */