Bug #14674 REAL_USER() function
Submitted: 5 Nov 2005 22:56 Modified: 14 Jun 2013 17:43
Reporter: Dan Lukes Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: Security: Privileges Severity:S4 (Feature request)
Version: OS:Any
Assigned to: CPU Architecture:Any

[5 Nov 2005 22:56] Dan Lukes
Description:
This function should be equivalent of CURRENT_USER() with exception that it return authenticated user (caller) even if called from stored function/procedures created with SQL SECURITY DEFINER.

How to repeat:
Try SELECT REAL_USER();
Do you know better way "how to repeat" missing feature on feature request ?
[3 Apr 2008 12:56] Erik Langhout
I really need this REAL_USER()!
See also: http://forums.mysql.com/read.php?99,154460,203390#msg-203390
[15 Dec 2010 11:31] Valeriy Kravchuk
What about existing USER() function? Check http://dev.mysql.com/doc/refman/5.1/en/information-functions.html#function_user
[15 Dec 2010 16:05] Dan Lukes
Unfortunately, no. 

See the difference between USER() and CURRENT_USER(). The CURRENT_USER() return the MySQL account that the server used to authenticate the current client. E.g. what account determines access privileges. 

So if I want to check the access privileges of calling user, then I need to know outside's CURRENT_USER(). 

The USER() return something different.

The USER() may return david@localhost - for example. But only CURRENT_USER() can reveal that such user has been approved as guest account ...
[20 Jun 2013 9:27] Georgi Kodinov
Posted by developer:
 
Thank you for the reasonable feature request. MySQL doesn't currently offer the information you're looking for. We will consider it as an addition to the functions you have.