Bug #34053 normal users can enable innodb_monitor logging
Submitted: 25 Jan 14:14 Modified: 17 Apr 19:05
Reporter: Shane Bester
Status: Closed
Category: Server: InnoDB  Severity: S3 (Non-critical)
Version: 5.0.54, 5.1.24, 6.0  OS: Any
Assigned to: Tim Smith  Target Version: 5.1+
Tags: v6, fixed in pre-v6
Triage: D3 (Medium) / R3 (Medium) / E3 (Medium)

[25 Jan 14:14] Shane Bester
Description:
Seems you don't need any special privileges to enable the innodb_monitor,
innodb_table_monitor, innodb_lock_monitor, and innodb_tablespace_monitor described in
http://dev.mysql.com/doc/refman/5.0/en/innodb-monitor.html

How to repeat:
mysql -uroot -h127.0.0.1
flush privileges;
drop user 'shane'@'127.0.0.1';
grant usage on *.* to 'shane'@'127.0.0.1' identified by '12345';
exit
mysql -ushane -h127.0.0.1 -p12345 test

select user(),current_user();
show grants;

drop table if exists innodb_monitor;
create table innodb_monitor(a int)engine=innodb;
#look in error log
select sleep(30);
drop table if exists innodb_monitor;

drop table if exists innodb_table_monitor;
create table innodb_table_monitor(a int)engine=innodb;
#look in error log
select sleep(30);
drop table if exists innodb_table_monitor;

drop table if exists innodb_tablespace_monitor;
create table innodb_tablespace_monitor(a int)engine=innodb;
#look in error log
select sleep(30);
drop table if exists innodb_tablespace_monitor;

drop table if exists innodb_lock_monitor;
create table innodb_lock_monitor(a int)engine=innodb;
#look in error log
select sleep(30);
drop table if exists innodb_lock_monitor;

Suggested fix:
Since logging can have a negative performance impact, and potentially fill the disk, it
should be reserved for users with more privileges?
[25 Jan 15:01] Heikki Tuuri
Vasil, please look at fixing this in 5.1.

The performance impact of InnoDB monitors is small, but they could fill the disk with the
.err log.

Regards,

Heikki
[26 Jan 14:00] Miguel Solorzano
Thank you for the bug report. Verified as described.
[11 Feb 11:14] Vasil Dimov
Patch that fixes this bug (against 5.1)

Attachment: bug34053.diff (application/octet-stream, text), 9.59 KiB.

[21 Feb 0:48] Tim Smith
Queued in 5.1-build.  NOT applied to 6.0, yet.  Docs team, please return it to "Patch
approved", waiting for a 6.0 snapshot from InnoDB devs.
[22 Feb 23:30] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/42887

ChangeSet@1.2541, 2008-02-22 15:29:52-07:00, tsmith@ramayana.hindu.god +2 -0
  Bug #34053: normal users can enable innodb_monitor logging
  
  The check_global_access() function was made available to InnoDB, but
  was not defined in the embedded server library.  InnoDB, as a plugin,
  is not recompiled when the embedded server is built.  This caused a
  link failure when compiling applications which use the embedded server.
  
  The fix here is to always define check_global_access() externally; in
  the embedded server case, it is defined to just return OK.
[23 Feb 0:56] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/42891

ChangeSet@1.2541, 2008-02-22 16:56:34-07:00, tsmith@ramayana.hindu.god +3 -0
  Bug #34053: normal users can enable innodb_monitor logging
  
  The check_global_access() function was made available to InnoDB, but
  was not defined in the embedded server library.  InnoDB, as a plugin,
  is not recompiled when the embedded server is built.  This caused a
  link failure when compiling applications which use the embedded server.
  
  The fix here is to always define check_global_access() externally; in
  the embedded server case, it is defined to just return OK.
  
  Also, don't run the test case for this bug in embedded server.
[25 Feb 16:59] Bugs System
Pushed into 5.1.24-rc
[25 Feb 17:05] Bugs System
Pushed into 6.0.5-alpha
[25 Feb 20:25] Tim Smith
Docs team: fixed in 5.1, but not yet in 6.0 (waiting for 6.0 snapshot).

Other minor detail: the check_global_access() function is made visible to
InnoDB in 6.0; but the changes in the handler code itself, to use that
function, are in 5.1 only.
[19 Mar 0:47] Tim Smith
After this fix, PROCESS privilege is required to start/stop the InnoDB monitoring.
[2 Apr 19:59] Jon Stephens
Pushed into 5.1.23-ndb-6.3.11.
[17 Apr 19:05] Paul DuBois
Noted in 5.1.24, 6.0.5 changelogs.

The PROCESS privilege now is required to start or stop InnoDB
monitoring. Previously, no privilege was required.
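
An audit for the condition this report describes, as an added example that is not part of the original bug thread or of MySQL's own code: it lists existing InnoDB tables carrying the four monitor names from the report, the accounts that hold PROCESS, and the accounts that can create tables without holding PROCESS. It assumes an administrative account and the standard information_schema tables; the four table names are the ones given in the report.

```sql
-- Added example (not from the bug thread). Run as an administrative account
-- so that the information_schema privilege tables show all grantees.

-- 1. InnoDB tables whose names switch monitor output on, in any schema.
--    A hit means monitor output is currently being written to the error log.
SELECT table_schema, table_name, create_time
FROM information_schema.tables
WHERE engine = 'InnoDB'
  AND table_name IN ('innodb_monitor',
                     'innodb_lock_monitor',
                     'innodb_table_monitor',
                     'innodb_tablespace_monitor');

-- 2. Accounts holding the global PROCESS privilege, which the fix requires
--    for starting or stopping the monitors.
SELECT grantee
FROM information_schema.user_privileges
WHERE privilege_type = 'PROCESS'
ORDER BY grantee;

-- 3. Accounts that can create tables (globally or in one schema) but do not
--    hold PROCESS. The scope column shows where the CREATE grant applies.
SELECT c.grantee, c.scope
FROM (
    SELECT grantee, '*.*' AS scope
    FROM information_schema.user_privileges
    WHERE privilege_type = 'CREATE'
    UNION
    SELECT grantee, table_schema
    FROM information_schema.schema_privileges
    WHERE privilege_type = 'CREATE'
) AS c
WHERE c.grantee NOT IN (
    SELECT grantee
    FROM information_schema.user_privileges
    WHERE privilege_type = 'PROCESS'
)
ORDER BY c.grantee, c.scope;
```

On a server without the fix, the third result is the set of accounts able to start the monitors; with the fix, an account must also appear in the second result.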