?
Solved

Why would root@localhost not have SUPER privileges to begin with?

Posted on 2014-02-20
6
Medium Priority
?
511 Views
Last Modified: 2014-02-23
I recently discovered on a windows based MySQL 5.6.10 version the root@localhost user
did not have SUPER privileges and I would like to know why that would be?

Is there some odd security issue in granting SUPER privileges to the root@localhost user?
0
Comment
Question by:Robert Silver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 24

Expert Comment

by:mankowitz
ID: 39873652
While mysql is set up by default to have the root user have superuser privileges, it doesn't have to stay that way. You can modify any account you want. In fact, if I were going to try to hack into a mysql server, I'd probably try to hack the root account. Wouldn't it be funny if the root user had no privileges or didn't exist at all?
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39874635
Why are you saying that it doesn't?  What is it you can't do?
0
 
LVL 2

Author Comment

by:Robert Silver
ID: 39875477
No it turns out I was wr ong. I did have to set:
SET GLOBAL log_bin_trust_function_creators = 1;  
What I find rather odd is why is this variable not listed in the 5.6 version MySQL reference
manual?
to enable the creation of a function on a database being replicated.
At one point I thought I could exit out and grant SUPER on *.* to 'localhost'@'root'
however,  that now seems wrong
show grants just shows:
 grant all on *.* with grant option

GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*....
GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION

What does that variable do exactly when set to true ?

I do know that once set I could create functions I could not create prior to  its setting to true
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 24

Accepted Solution

by:
mankowitz earned 2000 total points
ID: 39877660
That variable is in the docs. See https://dev.mysql.com/doc/refman/5.6/en/stored-programs-logging.html:

To relax the preceding conditions on function creation (that you must have the SUPER privilege and that a function must be declared deterministic or to not modify data), set the global log_bin_trust_function_creators system variable to 1. By default, this variable has a value of 0,
0
 
LVL 2

Author Closing Comment

by:Robert Silver
ID: 39878513
Okay so when I create a deterministic e.g    f(x)=  sin(x) *6
or
CREATE FUNCTION helloguy (s CHAR(20))
RETURNS CHAR(50)
DETERMINISTIC RETURN CONCAT('Hello, ',s,'!');

The return must be prefixed with DETERMINISTIC  or else that variable needs to be set?

Also do you know what version of MySQL DETERMINISTIC and that variable :
 log_bin_trust_function_creators  was added?

That of course works so now I know if a function is to work with replication it must be
defined by the return statement being proceeded by DETERMINISTIC key word

A definite gotcha!
0
 
LVL 24

Expert Comment

by:mankowitz
ID: 39880868
I agree. It's not immediately obvious, but deterministic functions have totally different implications for replication. If you can reliably predict the output of a function, you can simply store the function in the replication table. If the function applies a random effect to the data, you have to store all of the changed rows.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
Containers like Docker and Rocket are getting more popular every day. In my conversations with customers, they consistently ask what containers are and how they can use them in their environment. If you’re as curious as most people, read on. . .
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question