MySQL 8.0.39
Source Code Documentation
|
Go to the source code of this file.
Classes | |
struct | s_mysql_mysql_thd_security_context |
Below are the set of services provides methods for components to manipulate the thread's security context. More... | |
struct | s_mysql_mysql_security_context_factory |
struct | s_mysql_mysql_account_database_security_context_lookup |
struct | s_mysql_mysql_security_context_options |
Typedefs | |
typedef struct s_mysql_mysql_thd_security_context | mysql_service_mysql_thd_security_context_t |
Below are the set of services provides methods for components to manipulate the thread's security context. More... | |
typedef struct s_mysql_mysql_security_context_factory | mysql_service_mysql_security_context_factory_t |
typedef struct s_mysql_mysql_account_database_security_context_lookup | mysql_service_mysql_account_database_security_context_lookup_t |
typedef struct s_mysql_mysql_security_context_options | mysql_service_mysql_security_context_options_t |
typedef struct s_mysql_mysql_account_database_security_context_lookup mysql_service_mysql_account_database_security_context_lookup_t |
typedef struct s_mysql_mysql_security_context_factory mysql_service_mysql_security_context_factory_t |
typedef struct s_mysql_mysql_security_context_options mysql_service_mysql_security_context_options_t |
Below are the set of services provides methods for components to manipulate the thread's security context.
mysql_thd_security_context mysql_security_context_factory mysql_account_database_security_context_lookup mysql_security_context_options
These services allows creation, copying, filling in by user account and destruction of security context objects. It also allows getting and setting the security context for a thread. And it also allows reading and setting security context properties.
The range of the above services allows components to inspect the security context they're running it, impersonate a user account of their choice (a.k.a. sudo in Unix) and craft a security context not related to an existing user account.
No authentication is done in any of the above services. Authentication is specific to the media and does not belong to the security context, that's used mostly for authorization.
Make sure you keep the original security context of a thread or restore it when done, as leaving a different security context active may lead to various kinds of problems.