Bug #78846 | TRIGGER privilege documentation is incorrect, and dangerous | ||
---|---|---|---|
Submitted: | 15 Oct 2015 12:00 | Modified: | 18 Feb 2016 20:12 |
Reporter: | Service Desk | Email Updates: | |
Status: | Verified | Impact on me: | |
Category: | MySQL Server: Security: Privileges | Severity: | S4 (Feature request) |
Version: | 5.6 | OS: | Any |
Assigned to: | Assigned Account | CPU Architecture: | Any |
Tags: | mysqldump, trigger privilege |
[15 Oct 2015 12:00]
Service Desk
[18 Feb 2016 19:02]
Paul DuBois
I have addressed the documentation aspects of this bug report (to indicate that the TRIGGER privilege also confers ability to display triggers, and that trigger execution requires the trigger DEFINER to possess the TRIGGER privileges.) Reclassifying this bug report from a docs bug to a server feature request for possible change to mysqldump --triggers behavior as indicated in the report. (Might also apply to mysqlpump --{include,exclude}-triggers.)
[18 Feb 2016 20:12]
MySQL Verification Team
This bug is now only feature request, so it is appropriately being handled ....