Below are the set of services provides methods for components to manipulate the thread's security context. More...

#include <security_context.h>

Public Attributes
mysql_service_status_t(*	get )(void _thd, Security_context_handle out_ctx)
	Gets the security context for the thread. More...

mysql_service_status_t(*	set )(void *_thd, Security_context_handle in_ctx)
	Sets a new security context for the thread. More...

Detailed Description

Below are the set of services provides methods for components to manipulate the thread's security context.

mysql_thd_security_context mysql_security_context_factory mysql_account_database_security_context_lookup mysql_security_context_options

These services allows creation, copying, filling in by user account and destruction of security context objects. It also allows getting and setting the security context for a thread. And it also allows reading and setting security context properties.

The range of the above services allows components to inspect the security context they're running it, impersonate a user account of their choice (a.k.a. sudo in Unix) and craft a security context not related to an existing user account.

No authentication is done in any of the above services. Authentication is specific to the media and does not belong to the security context, that's used mostly for authorization.

Make sure you keep the original security context of a thread or restore it when done, as leaving a different security context active may lead to various kinds of problems.

Member Data Documentation

◆ get

mysql_service_status_t(* s_mysql_mysql_thd_security_context::get) (void *_thd, Security_context_handle *out_ctx)

Gets the security context for the thread.

Parameters

[in]	_thd	The thread to get the context from
[out]	out_ctx	placeholder for the security context handle

Return values

true	failure
false	success

◆ set

mysql_service_status_t(* s_mysql_mysql_thd_security_context::set) (void *_thd, Security_context_handle in_ctx)

Sets a new security context for the thread.