MySQL takes the following measures to prevent misuse of user-defined functions.
You must have the
INSERT privilege to be
able to use
CREATE FUNCTION and the
DELETE privilege to be able to use
DROP FUNCTION. This is necessary because
these statements add and delete rows from the
UDFs should have at least one symbol defined in addition to
xxx symbol that corresponds to the main
xxx() function. These auxiliary symbols
correspond to the
mysqld also supports an
--allow-suspicious-udfs option that controls
whether UDFs that have only an
can be loaded. By default, the option is off, to prevent
attempts at loading functions from shared object files other
than those containing legitimate UDFs. If you have older UDFs
that contain only the
xxx symbol and that
cannot be recompiled to include an auxiliary symbol, it may be
necessary to specify the
--allow-suspicious-udfs option. Otherwise,
you should avoid enabling this capability.
UDF object files cannot be placed in arbitrary directories.
They must be located in the server's plugin directory. This
directory is given by the value of the
plugin_dir system variable.
(Note: This a change in MySQL
5.1. For earlier versions of MySQL, the shared object can be
located in any directory that is searched by your system's