Bug #50682 Inconsistence in access to PROCESSLIST
Submitted: 28 Jan 2010 9:14 Modified: 28 Jan 2010 14:36
Reporter: Peter Laursen (Basic Quality Contributor) Email Updates:
Status: Not a Bug Impact on me:
None 
Category:MySQL Server Severity:S3 (Non-critical)
Version:5.1.42 OS:Any
Assigned to: CPU Architecture:Any
Tags: qc

[28 Jan 2010 9:14] Peter Laursen 
Description:
http://dev.mysql.com/doc/refman/5.1/en/privileges-provided.html#priv_super

"The SUPER privilege enables an account to use CHANGE MASTER TO, KILL or mysqladmin kill to kill threads belonging to other accounts"

http://dev.mysql.com/doc/refman/5.1/en/privileges-provided.html#priv_super

"If you have the PROCESS privilege, you can see all threads. Otherwise, you can see only your own threads"

How to repeat:
GRANT SUPER ON *.* TO 'someusername'@'somehost'.

As 'someusername'@'somehost' execute SHOW FULL PROCESSLIST 
.. what returns user's own threads as per documentation.

But good question is: How should I (in a meaningful way) kill processes that I cannot see details of?

I think (but I am not perfectly sure) that at an earlier point SUPER privilege would also give access to PROCESSLIST for all users.

Suggested fix:
Provide consistency.
[28 Jan 2010 14:36] Sveta Smirnova 
Thank you for the report.

This was done by design: SUPER grants some administrative privileges, but does not grant SELECT etc. So there is no reason to mix SUPER and PROCESS.