diff --git a/mysql-test/r/rpl_temporary.result b/mysql-test/r/rpl_temporary.result index e7b64066c37..97561aa1218 100644 --- a/mysql-test/r/rpl_temporary.result +++ b/mysql-test/r/rpl_temporary.result @@ -7,6 +7,12 @@ start slave; reset master; SET @@session.pseudo_thread_id=100; ERROR HY000: Access denied. You need the SUPER privilege for this operation +SET @@session.sql_log_bin=0; +ERROR HY000: Access denied. You need the SUPER privilege for this operation +SET @@session.pseudo_thread_id=100; +SET @@session.pseudo_thread_id=connection_id(); +SET @@session.sql_log_bin=0; +SET @@session.sql_log_bin=1; drop table if exists t1,t2; create table t1(f int); create table t2(f int); diff --git a/mysql-test/t/rpl_temporary.test b/mysql-test/t/rpl_temporary.test index 0df8ceb6377..c456562f0e5 100644 --- a/mysql-test/t/rpl_temporary.test +++ b/mysql-test/t/rpl_temporary.test @@ -30,7 +30,17 @@ connect (con3,localhost,zedjzlcsjhd,,); connection con3; --error 1227 SET @@session.pseudo_thread_id=100; +# While we are here we also test that SQL_LOG_BIN can't be set +--error 1227 +SET @@session.sql_log_bin=0; +# Now as root, to be sure it works +connection con2; +SET @@session.pseudo_thread_id=100; +SET @@session.pseudo_thread_id=connection_id(); +SET @@session.sql_log_bin=0; +SET @@session.sql_log_bin=1; +connection con3; let $VERSION=`select version()`; --disable_warnings diff --git a/sql/log.cc b/sql/log.cc index e25d853e2b6..6b091484a82 100644 --- a/sql/log.cc +++ b/sql/log.cc @@ -1208,8 +1208,7 @@ bool MYSQL_LOG::write(Log_event* event_info) "do the involved tables match (to be implemented) binlog_[wild_]{do|ignore}_table?" (WL#1049)" */ - if ((thd && !(thd->options & OPTION_BIN_LOG) && - (thd->master_access & SUPER_ACL)) || + if ((thd && !(thd->options & OPTION_BIN_LOG)) || (local_db && !db_ok(local_db, binlog_do_db, binlog_ignore_db))) { VOID(pthread_mutex_unlock(&LOCK_log)); @@ -1556,11 +1555,7 @@ bool MYSQL_LOG::write(THD *thd,const char *query, uint query_length, int tmp_errno=0; char buff[80],*end; end=buff; - if (!(thd->options & OPTION_UPDATE_LOG) -#ifndef NO_EMBEDDED_ACCESS_CHECKS - && (thd->master_access & SUPER_ACL) -#endif - ) + if (!(thd->options & OPTION_UPDATE_LOG)) { VOID(pthread_mutex_unlock(&LOCK_log)); return 0; diff --git a/sql/set_var.cc b/sql/set_var.cc index 576e33002da..90e3e82fe02 100644 --- a/sql/set_var.cc +++ b/sql/set_var.cc @@ -2288,6 +2288,13 @@ static bool set_option_autocommit(THD *thd, set_var *var) static bool set_log_update(THD *thd, set_var *var) { +#ifndef NO_EMBEDDED_ACCESS_CHECKS + if (!(thd->master_access & SUPER_ACL)) + { + my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), "SUPER"); + return 1; + } +#endif if (opt_sql_bin_update) ((sys_var_thd_bit*) var->var)->bit_flag|= (OPTION_BIN_LOG | OPTION_UPDATE_LOG); diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc index a9b947505f0..f463c6a27ff 100644 --- a/sql/sql_insert.cc +++ b/sql/sql_insert.cc @@ -134,15 +134,10 @@ int mysql_insert(THD *thd,TABLE_LIST *table_list, thd->lex->select_lex.table_list.first; DBUG_ENTER("mysql_insert"); -#ifndef NO_EMBEDDED_ACCESS_CHECKS - if (thd->master_access & SUPER_ACL) -#endif - { - if (!(thd->options & OPTION_UPDATE_LOG)) - log_on&= ~(int) DELAYED_LOG_UPDATE; - if (!(thd->options & OPTION_BIN_LOG)) - log_on&= ~(int) DELAYED_LOG_BIN; - } + if (!(thd->options & OPTION_UPDATE_LOG)) + log_on&= ~(int) DELAYED_LOG_UPDATE; + if (!(thd->options & OPTION_BIN_LOG)) + log_on&= ~(int) DELAYED_LOG_BIN; /* in safe mode or with skip-new change delayed insert to be regular if we are told to replace duplicates, the insert cannot be concurrent