pt-table-checksum changes binlog_format even if already set to statement

Reported by Rob Smith on 2012-01-20
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Percona Toolkit
Medium
Brian Fraser

Bug Description

pt-table-checksum currently changes the session binlog_format to statement no matter what it currently is set to. This requires the super privilege on mysql 5.1.29+.

From http://dev.mysql.com/doc/refman/5.1/en/replication-options-binary-log.html#sysvar_binlog_format

You must have the SUPER privilege to set the global binlog_format value. Starting with MySQL 5.1.29, you must have the SUPER privilege to set either the global or session binlog_format value. (Bug #39106)

pt-table-checksum should check to see the current value of binlog_format before attempting to change it.

Sheeri K. Cabral (awfief) wrote :

This is a security issue - there shouldn't be a need for a SUPER user for this functionality. Especially since many folks will store the password for the checksum user in a script somewhere.

Changed in percona-toolkit:
milestone: none → 2.0.3
importance: Undecided → Medium
status: New → Confirmed
assignee: nobody → Brian Fraser (fraserbn)
tags: added: privs
Brian Fraser (fraserbn) on 2012-02-01
Changed in percona-toolkit:
status: Confirmed → Fix Committed
Baron Schwartz (baron-xaprb) wrote :

Brian,

I looked at the branch changes. It can be a bit cleaner code. Old:

      my $sql = 'SHOW VARIABLES LIKE "binlog_format"';
      my (undef, $original_binlog_format) = $dbh->selectrow_array($sql);

Suggested:

      my $sql = 'SELECT @@binlog_format';
      my ($original_binlog_format) = $dbh->selectrow_array($sql);

Why this matters:

1. Less confusing code in the Perl
2. Doesn't use a double-quoted string in the SQL, which we know we're going to have to avoid someday to make the tools behave when SQL_MODE=ANSI

Changed in percona-toolkit:
status: Fix Committed → In Progress
summary: - pt-table-checksum should not change binlog_format if already set to
- statement
+ pt-table-checksum changes binlog_format even if already set to statement
Changed in percona-toolkit:
status: In Progress → Fix Committed
Changed in percona-toolkit:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers