*: fix permissions of brie RESTORE to be RESTORE_ADMIN#25039
Conversation
ti-chi-bot
added
the
size/S
morgo
force-pushed
the
fix-restore-permissions
branch
from
1855fab to
5f64c63
Compare
|
@kennytm: Please use GitHub review feature instead of For the reason we drop support to the commands, see also this page. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the ti-community-infra/tichi repository. |
|
[REVIEW NOTIFICATION] This pull request has been approved by:
To complete the pull request process, please ask the reviewers in the list to review by filling The full list of commands accepted by this bot can be found here. DetailsReviewer can indicate their review by submitting an approval review. |
ti-chi-bot
added
status/LGT2
|
/lgtm |
|
@AilinKid: Please use GitHub review feature instead of For the reason we drop support to the commands, see also this page. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the ti-community-infra/tichi repository. |
|
/merge |
|
@morgo: DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the ti-community-infra/tichi repository. |
|
/merge |
ti-chi-bot
added
the
status/can-merge
|
/merge cancel |
ti-chi-bot
removed
the
status/can-merge
|
The test failure is because |
|
/run-all-tests --tidb-test=pr/1205 |
|
/run-all-tests --tidb-test=pr/1205 |
|
/merge |
|
This pull request has been accepted and is ready to merge. DetailsCommit hash: e4dbf2b |
ti-chi-bot
added
the
status/can-merge
|
/run-common-test |
|
/run-integration-br-test |
|
/run-common-test |
Signed-off-by: ti-srebot <ti-srebot@pingcap.com>
|
cherry pick to release-5.1 in PR #25227 |
5 participants
What problem does this PR solve?
Issue Number: close #24912
Problem Summary:
Previously the
RESTOREcommand was intended to requireBACKUP_ADMINprivilege, but this did not work correctly, as the internal execute commands required additional privileges (ALTER).After discussion,
RESTOREis a riskier operation thanBACKUPand so it should require a distinct set of fine-grained permissions. The outcome of the discussion is that we would add theRESTORE_ADMINdynamic privilege.This is manually tested because it requires a tikv server to correctly reproduce the original issue.
What is changed and how it works?
What's Changed:
Executing the
RESTOREorSHOW RESTORESstatements now requires theRESTORE_ADMINprivilege. For backward compatibility, theSUPERprivilege is also permitted, but not recommended.Related changes
pingcap/docs/pingcap/docs-cn: will provide.Check List
Tests
Side effects
Release note
RESTOREorSHOW RESTORESstatements now requires theRESTORE_ADMINprivilege. For backward compatibility, theSUPERprivilege is also permitted, but not recommended.