Bug #38373 Running MySQL requires elevation on Vista
Submitted: 25 Jul 2008 12:20 Modified: 16 Oct 2012 5:18
Reporter: Vladislav Vaintroub Email Updates:
Status: Not a Bug Impact on me:
None 
Category:MySQL Server: Installing Severity:S2 (Serious)
Version:6.0.6 OS:Microsoft Windows (Vista+)
Assigned to: Assigned Account
Triage: Triaged: D2 (Serious)

[25 Jul 2008 12:20] Vladislav Vaintroub
Description:
Neither falcon nor Innodb can start and complain about denied permission on their tablespace files. Running MySQL should not require administrative rights
and elevation (at least not by default).

How to repeat:
Install 6.0.6. Use workaround  in Bug#38371 to get service running.
stop service, start MySQL from command line.

mysqld complains about missing permissions for falcon and innodb files and does not start.

Suggested fix:
Ensure that files in the data directory are readable and writable for normal user.
[25 Jul 2008 14:54] Miguel Solorzano
Hi Vladislav,

I only can install Oracle and MS SQL Server on Vista Ultimate with Administrator rights, that is when it is installed as service. So I wondering that behavior accepted by Windows user as default why we need to change it?. If you run MySQL as standalone you don't need Administrator rights to start and stop when installed on directories created by the normal user. The elevated rights are applied when installed as service or running on directories where is needed.
I meant when installed as service the default should be as Administrator user.
Thanks in advance.
[25 Jul 2008 15:22] Vladislav Vaintroub
Miguel,
can you explain me one reason why MySQL should run as administrator, except we want to create security wholes (IT Admins on Windows are very sensitive to security). Microsoft stated multiple times "dont use privileges unless absolutely necessary". And we know that MySQL does not necessary need any Admin right.
Installing as admin is something I agree with and common practice, but forcing to *run* as administrator by default, i.e rejecting non-administrator is a no-no.
[25 Jul 2008 16:07] Miguel Solorzano
Vladislav,

WhatI understood as "dont use privileges unless absolutely necessary" is to provide privileges to the users not the install of the server service. However I must agree this subject is very discussable and I could be wrong, so I am verifiying what you have reported and left the relevant people to decide if actually this a bug. I just expressed my opinion against. Thanks.
[6 May 2009 22:59] Iggy Galarza
I don't think any change is necessary in this case.  The MySQL Installer uses the the system application data directory (C:\ProgramData) by default. In this case, the default data directory (C:\ProgramData\MySQL\MySQL 5.1 Server\data) inherits the rights assigned to the system application data directory. There are two special rights assignments made for users by default:

Read & Execute  - Applies to Folder, Subfolder, and Files.
Special (Write) - Applies only to Folder and Subfolder.

This means that while a user on the machine can create files in the ProgramData\MySQL\MySQL 5.1 Server\data\mysql directory they cannot write to the existing files which prevents the server from starting on the command line.

I was able to start the server once I'd granted the standard 'Write' permission to the machine's Users and when I changed the Advanced Special set of permission to include the files also. 

In my opinion, we should continue to use the default Windows rights assignment for the data directory because doing otherwise would put the system's datafiles at risk for casual user whereas asking power users to adjust the permissions to suit their needs has less potential for disaster.
[29 Jul 2009 19:24] Vladislav Vaintroub
"I was able to start the server once I'd granted the standard 'Write' permission to the
machine's Users and when I changed the Advanced Special set of permission to include the files also. "

Power user shall make data directory accessible for every user to be able to run mysqld himself? Any better proposal?
[29 Jun 2012 1:44] Javier Rivera Zavala
You need admin-rights to stop the service in the first place.