Hi, Alexander! Just a couple of issues that were left open after our slack chat.
Everything else looks fine, nothing new below. On Mar 01, Alexander Barkov wrote: > revision-id: 9aace068f0c (mariadb-10.5.0-277-g9aace068f0c) > parent(s): 607960c7722 > author: Alexander Barkov <b...@mariadb.com> > committer: Alexander Barkov <b...@mariadb.com> > timestamp: 2020-03-01 11:49:25 +0400 > message: > > MDEV-21743 Split up SUPER privilege to smaller privileges > +constexpr uint PRIVILEGE_T_MAX_BIT= 36; > + > +static_assert((privilege_t)(1ULL << PRIVILEGE_T_MAX_BIT) == LAST_CURRENT_ACL, > + "LAST_CURRENT_ACL and PRIVILEGE_T_MAX_BIT do not match"); I'd still prefer to get rid of static_assert here. E.g. with constexpr uint PRIVILEGE_T_MAX_BIT= my_bit_log2(LAST_CURRENT_ACL); (and fixing my_bit_log2 to work with ulonglong). > @@ -7151,6 +7150,18 @@ bool check_global_access(THD *thd, privilege_t > want_access, bool no_errors) > { > #ifndef NO_EMBEDDED_ACCESS_CHECKS > char command[128]; > + /* > + The userstat plugin in > + plugin/userstat/client_stats.cc > + plugin/userstat/user_stats.cc > + calls > + check_global_access(SUPER_ACL | PROCESS_ACL) > + when populating CLIENT_STATISTICS and USER_STATISTICS > + INFORMATION_SCHEMA tables. > + We should eventually fix it to use one privilege only and uncomment > + the DBUG_ASSERT below: > + */ > + //DBUG_ASSERT(my_count_bits(want_access) <= 1); I think you can remove SUPER_ACL from the userstat plugin and uncomment the assert above. Regards, Sergei VP of MariaDB Server Engineering and secur...@mariadb.org _______________________________________________ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp